Forcepoint FlexEdge Secure SD-WAN How-To How to deploy Forcepoint FlexEdge Secure SD-WAN in the Amazon Web Services cloud
  1. Home
  2. Deploy FlexEdge Secure SD-WAN in AWS
  3. AWS Transit Gateway
  4. Troubleshooting
  • Deploy FlexEdge Secure SD-WAN in AWS
    • Introduction

      You can deploy Forcepoint FlexEdge Secure SD-WAN in the Amazon Web Services (AWS) cloud to provide VPN connectivity, access control, and inspection for services in the AWS cloud.

    • Deploying Forcepoint FlexEdge Secure SD-WAN in the AWS cloud

      You can deploy Forcepoint FlexEdge Secure SD-WAN in the AWS cloud using 1-Click Launch or using Manual Launch when you have an existing SMC installation.

    • Configure HA

      After you have deployed two Secure SD-WAN Engines, configure high availability (HA).

    • AWS Transit Gateway
      • Product Compatibility
      • Implementation
      • Networking requirements
      • Configure Forcepoint SMC
      • Provision AWS S3 bucket for Lambda code
      • Generate key pairs and identify AMI
      • Unpack and configure SMC Connector
      • Check SMC API connectivity

        The following steps provide information on how to check SMC API connectivity:

      • Deploy Lambda code and CloudFormation Template
      • Configuring Auto-scaling group
      • Troubleshooting
        • Validate the prerequisites
        • Check network connectivity
        • Check dependencies are installed
        • Check all components are configured and running properly
    • Managing Forcepoint FlexEdge Secure SD-WAN Engines using the SSM Agent

      You can use the AWS Systems Manager Agent (SSM Agent) to manage Secure SD-WAN Engines that are deployed in the AWS cloud using the same AWS tools that are used for other AWS resources.

    • Maintenance

      All configuration information for the Secure SD-WAN Engines is stored on the Management Server component of the SMC. After deployment, you can manage Secure SD-WAN Engines in the AWS cloud using the Management Client component of the SMC in the same way as other Secure SD-WAN Engines.

    • Troubleshooting in the AWS console

      You can use diagnostics information provided by the AWS console for troubleshooting.

    • Example deployment

      This example shows a deployment in an example network environment.

    • Configuring VPC ingress routing for an Internet gateway

      VPC ingress routing can direct all traffic from an edge location, such as the Internet or a VPN gateway, through the Secure SD-WAN Engine before reaching its final destination. These instructions describe how to configure VPC ingress routing for an Internet gateway.

    • Configuring a route-based VPN to AWS with BGP

      The configuration for this scenario includes a virtual private cloud (VPC) with a public subnet and private subnets. A virtual private gateway enables communication with your own on-premises network over an IPsec VPN tunnel. All routing configuration is done using BGP.

    • Find product documentation

      In the Forcepoint Customer Hub, you can find information about a released product, including product documentation, technical articles, and more.

Troubleshooting

Follow these steps to identify issues impacting the normal operation of the integration:

  • Validate the prerequisites
  • Check network connectivity
  • Check dependencies are installed
  • Check all components are configured and running properly
  • Validate the prerequisites
  • Check network connectivity
  • Check dependencies are installed
  • Check all components are configured and running properly

Copyright © 2024 Forcepoint LLC