WebTitan OTG 2 recognizes and supports the VPNs listed below by default. If your VPN name matches against this list, it is recognized as an interface to ignore and does not need any further configuration changes.

It is important to note the following about how VPN names are matched:

  1. VPN names are matched against this list using fuzzy-matching, so if you have a VPN named VPN-123 or 123-VPN, it will be recognized.

  2. VPN names are case-sensitive, so if you have a VPN named vpn-123-abc it will not be recognized and you will need to add it to your configuration using the guidelines below to be identified.

Recognized VPNs

  • VPN

  • TAP

  • Cisco AnyConnect

  • Citrix Virtual Adapter

  • Juniper

  • SonicWALL Virtual NIC

  • PANGP

  • Fortinet

  • anywhere access

Adding a VPN to your Configuration

If you have a VPN that is not recognized by matching against the list above, you can add it to your device configuration using JSON config similar to the example below, but edited with your own VPN name(s).

In this example, if you want to add a VPN named My-Office to your configuration, use the following JSON:

{"cfg":{"persistent":{"key":""},"runtime":{"locations":[],"user":"","otg":{"log_level":"diagnose","interfaces_to_ignore":[ "TAP", "VPN", "Cisco AnyConnect", "Citrix Virtual Adapter", "Juniper", "SonicWALL Virtual NIC", "PANGP", "Fortinet", "anywhere access", "My-Office"]}}},"filters":[]}

It is important to note the following:

  1. VPN names in the JSON config are case-sensitive, so any entry made must match your VPN name exactly in terms of case. For example, in the case above where your VPN name is My-Office, entering my-office or My-office will not work.

  2. The VPN list you push out overwrites the existing VPN list, so it is better to append your VPN name to the existing list as shown above. For example, if you push out configuration with a single VPN name, e.g. My-Office, that will overwrite the Recognized VPNs listed above with just that single VPN name.

  3. VPN configuration changes can be pushed out to all your OTG 2 devices, or just to a single OTG 2 device: