Configurations on any edge device

You can configure any edge device by configuring certain parameters so that the web traffic, originating from the site's subnets, is forwarded to Forcepoint ONE SSE Cloud through IPsec tunnel.

Configure the following parameters to create tunnels and to achieve fail-over on edge device. To configure these parameters on edge device, refer to vendor specific documentation.

Steps

  1. IKE proposal
  2. IPsec proposal
  3. Pre-shared key authentication method
  4. IKE ID address or FQDN support
  5. Policy or filters to allow port 80 and 443 traffic through the tunnel
  6. IKE gateway support to specify the Forcepoint ONE SSE data center's IP
  7. For failover, tunnel monitoring or multiple IPsec peer support

Result

Make sure the tunnels are up and traffic is flowing through the tunnel.