Secure Tunnel Settings

Secure Tunnel can be configured on a replication system to allow the system to access resources from outside a network through a secure tunnel. In order to allow Secure Tunnel replication, the system must be configured using the instructions below.

  1. Connect to the replication and backup systems. For easiest configuration, connect to each from one browser using two tabs.
  2. On the replication, select Replication > Secure Tunnel Settings, check the Show Steps for the Target system box, then complete the section labled "Create a Secure Tunnel Target."
  3. Accept the default IP, subnet, and port 1194 settings. This IP and subnet are used to create the VPN interface. Please ensure that there is no conflict in your environment with the default subnet selected by Secure Tunnel.
  4. Click "Create a Secure Tunnel Target" to proceed to the next step, which is performed on the local backup system.
  5. On the backup system, select Replication > Secure Tunnel Settings, check the Show Client Steps box, then complete the section "Generate a Secure Tunnel Certificate Request". A certificate request file is generated upon clicking "Generate Request". You are prompted to download and save the certificate request file. It has a .csr extension. Proceed to the next step on the replication.
  6. On the replication, perform the step "Sign the Secure Tunnel Certificate Request." Provide the hostname of the backup system and click "Sign Request." You are prompted for the certificate request file (.csr) file saved in step labled "Configure the Secure Tunnel on the Source System." Upon signing the certificate :
    • A certificate file with a .crt extension. The file is named: <source system>.<target system>.crt.
    • A certificate authority file with a –ca.crt extension. The file is named: <source system>-ca.crt. Information about the replication hostname and configured Secure Tunnel port are provided. Note this information, as it is required to complete the final step from the backup system.
  7. On the backup system, perform the step "Configure the Secure Tunnel on the Source System."

Enter the replication system's hostname and the Secure Tunnel port you received in Step 5 above. Click "Complete Configuration" to complete the setup. You are prompted for the certificate and certificate authority files saved in the above step to complete the setup process.