Skip to main content

VPN Tunnel Creation Guide

⚙️

Create a new VPN tunnel to enable secure remote access for users and devices.

Prerequisites

Before creating VPN tunnel:

✅ You have "VPN Create" permission
✅ You have "Devices View" permission (required dependency)
✅ You understand which devices/users need VPN access
✅ You know the network topology (especially for network forwarding decisions)

Step 1: Navigate to Creation Form

    Click "VPN" in left sidebar menu

    Click "+CREATE" button (teal, top-left)

    VPN Tunnel creation form loads

    Step 2: Complete Tunnel OverviewForm

    Page

    embedded-image-yxgw8lxk.png

    Guidance
    Tunnel Name (Required)

    Naming Conventions:

      Length: 3-50 characters

      Allowed: Letters, numbers, spaces, hyphens (-), underscores (_)

      Not allowed at start/end: Hyphen, underscore

      No consecutive special characters

      Examples:

        ✅ Production Tunnel 01

        ✅ Office_VPN

        ✅ Remote-Access-Main

        ❌ _Tunnel (starts with underscore)

        ❌ VPN--Tunnel (consecutive hyphens)

        💡 Naming Best Practices:

          Indicate purpose: "Production", "Development", "Support"

          Include location if relevant: "Mumbai_Office_VPN"

          Use consistent naming: "Site_Function_Number"

          Organization (Required)

          Select the organization where the tunnel will be created.

          Dropdown Options:

            Your current organization

            Child organizations under your management

            Important:

              Only devices/users from selected organization (and its children) can be added

              Cannot add devices/users from parent organizations

              The

              VPN

              Step 3: Review and Create

              Before submitting, review:

              Tunnel Overviewname Pageis providesdescriptive
              aCorrect comprehensiveorganization view of a specific VPN tunnel's configuration, status, and associated clients (devices and users).selected

              ◀️

              Form Left Pane: Tunnel Details & Actions

              The Left Pane displays the tunnel's core information and provides management actions.Actions:

              1. Core Status
              Field

              Button

              		 Description

              Color

              Action

              Name of

              CREATE

              Tunnel               The name

              Teal

              assigned

              Create tunnel and add to theAtra VPNRMS

              tunnel. Status of

              RESET

              Process               The current

              Teal operationaloutline

              state of the

              Clear VPNall serverform process:fields

              Running or Not-Running (Exited). VPN IP

              CLOSE

               The

              Red outline

              Cancel and return to VPN GatewayList

              IP Address. All traffic for this tunnel is routed through this IP address.

              2. Client

              After Information

              Creation

              ThisImmediate section tracks the current allocation of users and devices.Effects:

              Field Description Limit Number of Users Total count of users currently assigned to the tunnel. N/A Number of Devices Total count of devices currently assigned to the tunnel. N/A Allocated Clients The sum of users and devices already added to the tunnel. N/A Remaining Clients The number of additional users/devices that can still be added. N/A Max The absolute maximum number of clients a

              New tunnel canappears supportin is 253.

              253

              3.VPN Tunnel Metadata
              List
              Field Description Created By The username of the person who created the tunnel, along with the creation date and time. Organization The name of the organization and its level to which the tunnel belongs or is assigned.

              Tunnel Status: Disabled

              4.
              Management Actions

              Process

              State:
              Action Button Purpose Important ReminderExited (Beforenot Yourunning Act)yet)

              Next

              Steps: Start/Stop
              Manually controls

              Start the VPN tunnelProcess process.

              (see IfTunnel youOverview Stoppage) the tunnelAdd process,devices youand will be ableusers to addtunnel devices or

              Users users.

              download VPN Enable/Disable Controls the tunnel's manageability and activity. If the tunnel is Running and clients are connected, Disabling the tunnel will automatically Stopclient (Exit) the process, and all connections will be lost. Delete Permanently removes the tunnel. The Delete button will be disabled if thenot tunnelalready isinstalled) Enabled. You must first Disable the tunnel before you can delete it.

              Misc:Users Aconnect Refreshvia buttonVPN isDesktop located on the top corner of the Left Pane to manually update the displayed information.Application

              ▶️ Right Pane: Client Management Tabs

              The Right Pane is dedicated to managing the specific users and devices associated with the tunnel, organized into two tabs. Both tabs have an "Add" button located on the right corner of the tab header.

              Tab 1: Devices
              Column Description Key Feature & Link Device Device Name, Model Name, and the device's online status with a timestamp. The Device Name is a link that opens details in a new browser tab. Local IP The IP address of the device on its local (LAN/WAN) network. N/A VPN IP The unique IP address assigned to the device by the VPN tunnel upon addition. N/A Network Forwarding Crucial setting that controls access to the device's local network (LAN) via the VPN. See detailed definitions below.

              Network Forwarding Definitions
              State Effect Use Case Example Enabled Network traffic is forwarded through the VPN. You can access the connected device AND other devices on its local network (e.g., PLCs, servers). Required to reach devices in a remote plant that are on the connected device's LAN. Disabled Network traffic is not forwarded. You can only access the specific device that established the VPN connection. Used when you only need to interact with the device itself, for security or network isolation.

              Tab 2: Users
              Column Description Name The name of the user added to the tunnel. User VPN IP The unique VPN IP address assigned to the user upon addition. Organization Name The name of the organization the user belongs to. Email The user's email address.

              Back to top