Adding a location and getting a Gateway token

This documentation will guide you through adding a new location and proceeding with the Gateway deployment, enabling your devices to connect to it via VPN.

Adding a location in Defguard Core

Please remember that one gateway corresponds to one VPN location.

You can also deploy multiple gateways for one location for High Availability.

Go to the address you set on DEFGUARD_URL with your browser and sign in using the credentials you set up during Core deployment.

Go to the VPN Overview module from the main menu and click the Edit Locations settings.

Then click the Add new location tab.

Depending on what is more convenient for you, choose configuration from Wireguard file or do it manually.

After saving configuration for location you should be redirect to Location overview page, where at the top right corner is Edit Locations Settings button, click on it.

In Gateway server setup copy two variables: DEFGUARD_TOKEN and DEFGUARD_GRPC_URL

Also, if core has a custom SSL CA to secure gRPC communication, you need the CA certificate (more here).

Deploy the Gateway service

Proceed with deploying your Gateway service using the selected deployment strategy:

You can also check our guides on running Gateway on OPNsense firewall or MikroTik router.

If everything went well, Defguard Gateway should be connected to Defguard Core and you can start adding new devices to your network.

PreviousConfiguring HTTPS using AWS Certificate Manager NextConfiguration

hashtagAdding a location in Defguard Core

hashtagDeploy the Gateway service

Adding a location in Defguard Core

Deploy the Gateway service