Problem:

Perimeter81 VPN is a SASE (Secure Access Service Edge) VPN provider that enables customers to connect to the internal network via the regular VPN methods or by using Zero-Trust direct connection to applications.

The 2 main features for it are the fact that no hardware is required, as this is a SaaS solution for the management server and that it uses several technologies to establish the VPN tunnels such as OpenVPN or the newly created WireGuard.


As this solution creates a VPN tunnel to the cloud and uses a web connection, by default the proxy or DCEP tries to inspect the SSL traffic and therefor is breaking the connection.

Solution: 
The Even though this is a SaaS solution, it is still considered an internal resource and should, by best practice, be bypassed from the proxy connections.


Add the following IP Addresses to the SSL bypass list:

  • 46.101.220.174
  • 3.89.223.191
  • 167.172.171.73
  • 138.197.149.252

These are the current cloud gateway IPs.