Setting up the Kenna Virtual Tunnel


Outbound Traffic Requirements:

Source Destination Protocol/Port Description Notes
Kenna VM TCP/443 Web traffic used to verify your API key and pull a VPN configuration from Kenna to the VM. A firewall rule for this must use a hostname as a destination, as its IP may change. This traffic can be sent through a standard web proxy.
Kenna VM


TCP/443 OpenVPN traffic used to bring up a VPN tunnel from the VM to Kenna's client gateway. This traffic is not HTTPS and requires a direct outbound connection; it cannot be sent through a web proxy.


NOTE: When considering where to deploy the file, keep in mind that it must be able to reach both the security appliance or server inside your network AND make outbound TCP connections on port 443 (NOT HTTPS) to our client gateway at & This can be on a permanent virtualization server or on your own computer. Please keep in mind that if you run the virtual machine on your computer it will only have access to your network when the computer is running and the VM is active.


Installation Steps:

  1. Contact to enable this support for your account. 
    • In the support ticket please have the customer provider their network configuration settings. Specifically we are looking for these:
      • ip_address - example
      • gateway - example
      • netmask - example
      • dns1 - example
      • dns2(optional but recommended) - example
    • If traffic will pass through a proxy you will also need to include:
      • proxy_host - example
      • proxy_user if required
      • proxy_password if required
  2. When complete, a download link will be provided in the support ticket. You have up to 7 days to download the VM image.
  3. Import the VM image into your hypervisor or VM program (System Requirements: 700 MHz processor with 512 MiB RAM, 10 GB disk space). Please note: Our support department cannot convert the image into your hypervisors native image format.
  4. Boot the VM.




Verify that the correct network requirements have been put in place as described in the above table. 


The following links can be used to download the legacy version of the Virtual Tunnel: 



Powered by Zendesk