Remote access VPN support allows you to connect to BloxOne Service Edge instances through a VPN. To provide the functionality of a VPN server, BloxOne Service Edge leverages the OpenConnect VPN server: the open-source software also known as ocserv and released under version 2 of the GNU General Public License. To provide the client functionality, BloxOne Service Edge uses the Cisco AnyConnect Secure Mobility Client. At present, Service Edge remote access VPN supports only IPv4 IP addresses.
To support the deployment of remote access VPN on Infoblox IT sites, a RADIUS proxy (for example, a DUO authentication proxy), is configured at each site and used to contact the RADIUS server or the Active Directory server to authenticate usernames and passwords.
Before configuring remote access VPN policies, you must enable the following services in Manage > On-Prem Hosts > Applications & Services:
- Remote Access VPN
- DHCP
You do not need to create rules for configuring remote access VPN policies. Instead, create a remote access VPN policy, add it to a Service Edge profile, and associate the profile with a Service Edge instance.
Note
If the DHCP services are not functioning properly, the remote access VPN service will be disabled.
Configuring a remote access VPN policy comprises the following steps: