Configuring a UTM as Core in the VPN configuration – Adaptive Secure Connect (ASC) – in the Securepoint Portal
Last adaptation to the version: 2.9
New:
- Konkretisierung dieses Artikels auf eine UTM als Core
- Layout und Struktur angepasst
Last updated:
- 10.2025
- Beschreibung des Namens der Topologie angepasst
This article refers to a Beta version
-
Einleitung
Dieser Artikel beschreibt, wie eine im Securepoint Portal Unified Security Console vorhandene UTM als Core für eine VPN-Konfiguration (ASC) konfiguriert werden kann.
Soll hingegen ein unverwaltetes Gerät als Core genutzt werden, so wird dies im Wiki-Artikel Unverwaltete Core-Geräte konfigurieren beschrieben.
Requirement
notempty
VPN configurations in the USC require a UTM v14.0 or higher.
This version is currently only available as a reseller preview
This version is currently only available as a reseller preview
Add Core UTM
| Add Core now Opens the dialog for adding a core UTM. |  | |||||||||||||||
| It is possible to have several core UTMs. Each core UTM is assigned to a topology Topology 1 Default designation and it is numbered consecutively
If a further Core-UTM and thus a further topology is to be added, this is done with the button Add topology | ||||||||||||||||
| Caption | Value | Description |  | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Typ | UTM | Als Typ UTM auswählen | ||||||||||||||
| Name Mandatory field |
Name | Name of the topology
Dialog box for adding a core UTM | ||||||||||||||
| UTM | TTT-Point AG V | List of available UTMs that can be selected as core UTMs. Only UTMs that have a public IP address, are connected to the portal and are online are available for selection. UTMs that are connected to the portal but are offline, or whose version is not compatible, are listed in the not available list section. The next steps are only displayed after a UTM has been selected. | ||||||||||||||
| Alias Mandatory field |
LG1 | An alias must be assigned for the core UTM in order to be able to assign generated objects to this UTM. | ||||||||||||||
| Interface Mandatory field |
eth0 (203.113.0.113) | The interface of the core UTM to be used for establishing the connection. ‘’'By default'‘’ the first interface that is connected to the Internet is used. | ||||||||||||||
| Hostname/ public IP address Mandatory field |
203.113.0.113 | The host name, or the public IP address, which is used to establish the connection. ‘’'By default'‘’ the public IP address of the Internet interface of the UTM is used. | ||||||||||||||
| Transfer network Mandatory field |
192.168.20.0/24 | Private IPv4 or IPv6 address to be used as the transfer network. | ||||||||||||||
| (Optional) DNS-Einstellungen für Roadwarrior | ||||||||||||||||
| Hier kann festgelegt werden, welche DNS-Server für die Roadwarrior VPN-Verbindungen verwendet werden sollen. Die Anfragen werden grundsätzlich über den Tunnel geleitet. Dadurch kann beispielsweise die Namensauflösung von Servern im verwendeten internen Netzwerk ermöglicht werden. | ||||||||||||||||
| Primary DNS server (optional) | Add DNS Server | DNS servers in the network of the core UTM can be selected here so that the name resolution works for the Roadwarrior clients. Rules are automatically created in the Roadwarrior pools.  | ||||||||||||||
| Core as DNS | The core UTM is used as the DNS server notempty Wenn die Core-UTM als DNS-Server gesetzt wird, werden die DNS-Anfragen automatisch über den Namensserver der UTM aufgelöst. | |||||||||||||||
| Network object Nicht bei Core als DNS |
Please select a Network object | Selection of a network object that is assigned to a DNS server. | ||||||||||||||
If no suitable network object is available, a new one can be created using the Add button .
| ||||||||||||||||
| Service Nicht bei Core als DNS |
 dns |
Selection of the service or service group that makes DNS possible. | ||||||||||||||
If no suitable service is available, a new one can be created using the Add button .
| ||||||||||||||||
| Split-DNS für iOS Profile aktivieren Only appears when a DNS server has been selected notempty New as of: 2.8 |
Wenn aktiviert kann Split-DNS für iOS Profile verwendet werden.
Es wird zwischen internen und externen aufzulösenden Domains unterschieden. | |||||||||||||||
| Split DNS configuration Wird erst eingeblendet, wenn Split-DNS für iOS Profile aktiviert ist notempty New as of: 2.8 |
Add domains |
| ||||||||||||||
| The DNS server is added with the Add DNS button. | ||||||||||||||||
| Adds the UTM as a core UTM. The Add UTM button only becomes active once all entries have been completed | ||||||||||||||||
| This configuration must then be made usable with the Publish button. | ||||||||||||||||
Edit core UTM
| An active, connected core UTM can be edited via the wrench button . | ||||||||||||||||
| Caption | Value | Description |  | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Name | Name | Name of the topology
Dialog box for adding a core UTM | ||||||||||||||
| UTM | TTT-Point AG IV | The UTM, which serves as the core UTM, cannot be changed retrospectively. | ||||||||||||||
| Alias Mandatory field |
LG1 | An alias must be assigned for the core UTM in order to be able to assign generated objects to this UTM. | ||||||||||||||
| Port | 51820 | Display of the port used by the VPN service. Cannot be changed. | ||||||||||||||
| Interface | eth0 (203.113.0.113) | The interface used to establish the connection. | ||||||||||||||
| Hostname/ public IP address | 203.113.0.113 | The host name or public IP address used to establish the connection. | ||||||||||||||
| Transfer network | 192.168.20.0/24 | IPv4 or IPv6 address to be used as the transfer network. | ||||||||||||||
| (Optional) DNS-Einstellungen für Roadwarrior | ||||||||||||||||
| Hier kann festgelegt werden, welche DNS-Server für die Roadwarrior VPN-Verbindungen verwendet werden sollen. Die Anfragen werden grundsätzlich über den Tunnel geleitet. Dadurch kann beispielsweise die Namensauflösung von Servern im verwendeten internen Netzwerk ermöglicht werden. | ||||||||||||||||
| Primary DNS server (optional) | Add DNS Server | DNS servers in the network of the core UTM can be selected here so that the name resolution works for the Roadwarrior clients. Rules are automatically created in the Roadwarrior pools. | ||||||||||||||
| Core as DNS | The core UTM is used as the DNS server notempty Wenn die Core-UTM als DNS-Server gesetzt wird, werden die DNS-Anfragen automatisch über den Namensserver der UTM aufgelöst. | |||||||||||||||
| Network object Nicht bei Core als DNS |
Please select a Network object | Selection of a network object that is assigned to a DNS server. | ||||||||||||||
If no suitable network object is available, a new one can be created using the Add button .
| ||||||||||||||||
| Service Nicht bei Core als DNS |
dns |
Selection of the service or service group that makes DNS possible. | ||||||||||||||
If no suitable service is available, a new one can be created using the Add button .
| ||||||||||||||||
| Split-DNS für iOS Profile aktivieren Only appears when a DNS server has been selected notempty New as of: 2.8 |
Wenn aktiviert kann Split-DNS für iOS Profile verwendet werden.
Es wird zwischen internen und externen aufzulösenden Domains unterschieden. | |||||||||||||||
| Split DNS configuration Wird erst eingeblendet, wenn Split-DNS für iOS Profile aktiviert ist notempty New as of: 2.8 |
Add domains |
| ||||||||||||||
| This configuration must then be made usable with the Publish button. | ||||||||||||||||