Configuring GRE tunnel to primary data center

After creating GRE tunnels in Forcepoint ONE SSE, you should configure the tunnels on the Edge devices so that the web traffic flows between the edge device and Cloud SWG data centers. This topic describes the steps to configure GRE primary tunnel on Cisco IOS.

Follow the steps below to configure GRE tunnel to the primary data center:

Steps

Log into Cisco router.
Create the tunnel interface with an ID.
```
Interface Tunnel0
```
Enter a unique IP address for the interface.
```
ip address <unused_internal_address_1> 255.255.255.252
```
Replace the <unused_internal_address_1> with any unused internal IP address representing the internal IP address for the primary local tunnel interface.
Enter the MSS value for the interface.
```
ip tcp adjust-mss 1436
```
To know about MSS, refer to Maximum segment size.
Set the tunnel source interface, which is the interface that the tunnel is attached to.
```
tunnel source <public_egress_ip>
```
Replace the <public_egress_ip> with your public egress IP address for the edge device.
Set the tunnel destination to the IP address of the primary Cloud SWG tunnel.
```
tunnel destination <primary_destination_address>
```
Replace the <primary_destination_address> with the public IP address of the Cloud SWG data for your primary tunnel.
To verify the primary tunnel interface is up and running on your router, enter the show ip interface brief command.
If the configuration is successful, then the Status and Protocol will display up.