Viewing Tunnels

After creating tunnels, you can monitor the status of each tunnel under Analyze > Tunnels page.

The status of the tunnel can be Configuring, Provisioned, Failed, Up or Down.

A Tunnel typically takes approximately three minutes to be Provisioned and then changes to Down. Once the status of the tunnel is Down, the IPsec tunnel status will be changed to Up only when customer's router or firewall is correctly configured and there is successful communication between router and cloud.

To view configuration details of tunnel, click the Setup Info link for the tunnel in the question. These details are useful for configuring the customer's router or firewall.

Important: The Edge device (router or firewall) at the customer must be configured to send only web traffic on TCP ports 80 and 443 over the tunnel to the Cloud-SWG. All other traffic should be routed direct to the internet. If traffic over any other ports is sent over the tunnel, it will be discarded.

If you click the Setup Info link for the Primary IPsec tunnel, then following details are displayed:

If you click the Setup Info link for the Secondary IPsec tunnel, then following details are displayed:



Note: The Cloud IKE ID displays either Cloud FQDN or IP Address based on the tunnel’s configuration.

The Setup Info dialog of the Primary and Secondary IPsec tunnels also displays Forcepoint ONE SSE supported IPsec settings which are required while configuring your edge device.