# Connections & Verification

### Create IPSec Site Connections

Navigate to **Networking > VPNs > IPSec Site Connections > + Create IPSec Site Connection**

**Connection 1 — conn** (network-1 side)

| Field                       | Value                       |
| --------------------------- | --------------------------- |
| Name                        | conn                        |
| VPN Service                 | vpn1                        |
| IKE Policy                  | ikepolicy                   |
| IPSec Policy                | ipsecpolicy                 |
| Local Endpoint Group        | left-local-epg              |
| Peer Endpoint Group         | left-peer-epg               |
| Peer Gateway Public Address | *(External IP of router-2)* |
| Pre-Shared Key              | your-psk-here               |
| Initiator Mode              | bi-directional              |
| MTU                         | 1500                        |
| DPD Action                  | hold                        |
| DPD Interval                | 30                          |
| DPD Timeout                 | 120                         |

***

**Connection 2 — conn2** (network-2 side)

| Field                       | Value                       |
| --------------------------- | --------------------------- |
| Name                        | conn2                       |
| VPN Service                 | vpn2                        |
| IKE Policy                  | ikepolicy                   |
| IPSec Policy                | ipsecpolicy                 |
| Local Endpoint Group        | epg-local-2                 |
| Peer Endpoint Group         | epg-peer-2                  |
| Peer Gateway Public Address | *(External IP of router-1)* |
| Pre-Shared Key              | your-psk-here               |
| Initiator Mode              | bi-directional              |
| MTU                         | 1500                        |
| DPD Action                  | hold                        |
| DPD Interval                | 30                          |
| DPD Timeout                 | 120                         |

> **Important:** The Pre-Shared Key must be identical on both connections. Ensure VPN Service and Local Endpoint Group are from the same network side — do not mix them.

***

### Verification

#### Check Connection Status

Navigate to **Networking > VPNs > IPSec Site Connections**

Both connections should show **Status = ACTIVE** within 60 seconds of creation.

<figure><img src="/files/q30XedWYOdEQZiZYjBY6" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/U6h35lPw5cQ7D35ZH8SO" alt=""><figcaption></figcaption></figure>

#### Test Connectivity Between VMs

SSH into each VM and run a ping to the private IP of the VM on the opposite network:

```
ping <private-IP-of-remote-VM>
```

A successful response confirms the VPN tunnel is working and traffic is flowing bidirectionally across the encrypted IPSec tunnel.

<figure><img src="/files/1QenTSPiOjI897IvAr1v" alt=""><figcaption></figcaption></figure>

***


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.neevcloud.com/neevcloud-products/networking/vpn/connections-and-verification.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.