Configuring and deploying GRE and IPsec tunneling

Once you create GRE and IPsec tunnels in Forcepoint ONE SSE, you need to configure GRE and IPsec tunnels on your edge devices so that web traffic originating from your internal subnets is forwarded to Forcepoint ONE SSE Cloud via the configured tunnel successfully.

The router or firewall at the customer site must be configured to send only web traffic on TCP ports 80 and 443 over the tunnel to the Cloud-SWG. All other traffic should be routed direct to the internet. If traffic over any other ports is sent over the tunnel, it will be discarded.

To configure your edge device, you can follow the steps mentioned for your edge device:

• GRE Tunnel:
  • How to Connect Cisco ISR to Forcepoint ONE SSE Cloud over GRE Tunnel
  • How to Connect Juniper SRX to Forcepoint ONE SSE Cloud over GRE Tunnel
• IPsec Tunnel:
  • How to Connect Forcepoint NGFW to Forcepoint ONE SSE Cloud over IPsec Tunnel
  • How to Connect Cisco ISR to Forcepoint ONE SSE Cloud over IPsec Tunnel
  • How to Connect Cisco ASA/FTD to Forcepoint ONE SSE Cloud over IPsec Tunnel
  • How to Connect Juniper SRX to Forcepoint ONE SSE Cloud over IPsec Tunnel
  • How to Connect Palo Alto to Forcepoint ONE SSE Cloud over IPsec Tunnel
  • How to Connect any Edge Device to Forcepoint ONE SSE Cloud over IPsec Tunnel