Quick Overview

The Tunnel Servers page in zWAN displays all tunnel servers configured for the tenant. These servers are critical for maintaining a secure and persistent control channel between the Edge Controller (EC) and the Director. During onboarding, the EC receives tunnel server information to establish a management connection. Tenants are provisioned with default tunnel servers via the MSP portal but can add, edit, or delete their own entries as needed.

How to Use This Feature in the UI

1. Navigate to the Tunnel Servers section in the zWAN Director UI.
2. View the list of currently configured tunnel servers, including hostname/IP, port, and region if applicable.
3. To Add a Tunnel Server:
   • Click Add Tunnel Server.
   • Enter required details such as Server Address, Port, and optional Description.
   • Click Save to make the new server available for EC onboarding.
4. To Edit a Tunnel Server:
   • Click the Edit icon next to the desired tunnel server.
   • Update fields such as address or port, then click Update to apply changes.
5. To Delete a Tunnel Server:
   • Click the Delete icon for a tenant-added server entry.
   • Confirm deletion when prompted. Note: Only tenant-added servers can be removed—default tunnel servers cannot be deleted.

Concepts & Use Cases

• Director Connectivity: Tunnel servers enable encrypted control-plane communication between Edge Controllers and the Director platform.
• Multi-Region Redundancy: Tenants operating across regions can configure multiple tunnel servers to reduce latency and improve failover coverage.
• Custom Connectivity Requirements: Some tenants may add tunnel servers hosted in private infrastructure for compliance or performance reasons.
• MSP Default Provisioning: Tunnel servers are auto-provisioned during tenant creation but can be extended or modified by tenant admins.

Troubleshooting & FAQs

• Why can’t I delete a tunnel server?
  Only tunnel servers added by the tenant can be removed. Default MSP-provisioned servers are locked for editing and deletion.
• How does the EC choose which tunnel server to use?
  The EC attempts to connect using the provided list, typically selecting the closest or most responsive server first.
• What happens if all tunnel servers fail?
  The EC will not be able to establish a control channel with the Director, resulting in management disconnects. Ensure redundancy is in place.
• Can I configure different tunnel servers for different ECs?
  Yes. You can assign tunnel servers per onboarding template or manually during EC registration if supported.