Define a policy-based VPN

To a policy-based VPN, first you define some basic properties for the VPN, then you add gateways.

These steps provide an overview of the VPN configuration process. For detailed instructions, see the Forcepoint FlexEdge Secure SD-WAN Product Guide .

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration, then browse to Secure SD-WAN.
  2. Browse to Policy-Based SD-WAN.
  3. Right-click Policy-Based SD-WAN, then select New Policy-Based SD-WAN.
  4. In the Name field, enter a name for the SD-WAN.
  5. (Optional) From the Default SD-WAN Profile drop-down list, select the SD-WAN Profile element that defines the settings for authentication, integrity checking, and encryption.
  6. Click OK.
    The Policy-Based SD-WAN opens for editing.
  7. On the Site-to-Site SD-WAN tab, drag and drop the gateways that you want to include in this VPN into either of the two panes for the VPN topology.
    • To allow a gateway to establish a VPN tunnel with any other gateway in the VPN, add it to the Central Gateways pane.
    • To allow a gateway to establish a VPN tunnel only with central gateways in this VPN, add it to the Satellite Gateways pane.
  8. Click Save.
  9. Add Access rules and possibly also NAT rules to direct outgoing traffic to the VPN and allow incoming traffic from the VPN.