Introduction
The Uplevel Gateway can terminate IPsec tunnels to third-party firewalls and cloud services. We ship pre-configured profiles for the major cloud peers — Microsoft Azure, Amazon AWS, and others — to keep those setups quick. For anything else, the 3rd Party VPN section under Portal › Site-to-Site VPN has the flexibility to match almost any peer configuration.
VPN configuration form
The source KB article includes a VPN Configuration Form
(Microsoft Word .docx). Hand that form to the VPN provider on
the other end of the tunnel. Once they’ve filled it in, you have
two options:
- Match the settings yourself in Portal › Site-to-Site VPN › 3rd Party VPN.
- Forward the filled-in form to Uplevel support and we’ll configure the tunnel for you.
Security — handling the PSK
Treat the pre-shared key as a credential, not a configuration detail.
- Never send the PSK by email.
- Share PSKs over the phone, or via a one-time self-destructing note service such as PrivNote.
Notes for Fortigate peers
When the other end is a Fortigate device, please confirm the following settings up front — Fortigate’s defaults don’t always line up with what the Uplevel side expects:
- Perfect Forward Secrecy
- Auto-negotiate
- Autokey Keep Alive
- Dead Peer Detection
Surface these in the VPN configuration form along with the rest of the parameters.