Configurations on Forcepoint NGFW

These instructions explain how to forward web traffic from the Forcepoint NGFW site through the Forcepoint ONE SSE cloud proxy service using policy-based IPsec VPN.

Note: From version 7.1 onwards, Forcepoint NGFW is rebranded to Forcepoint FlexEdge Secure SD-WAN.
Follow the below steps to setup an active/standby highly available IPsec VPN tunnel:
  1. Create an external VPN gateway with two endpoints, an active primary tunnel and a standby secondary tunnel.
  2. Create a policy-based VPN using the external VPN gateway you created as central gateway and Forcepoint NGFW engine as satellite gateway.
  3. Configure exceptions for NGFW engine, if necessary.
  4. Configure rules for policy-based VPN traffic.
Note:

This document shows an example environment for information and guidance only. While every effort has been made to ensure the accuracy of this information, you are strongly advised to consult the latest documentation for your edge device and test your configuration thoroughly.