Generic Routing Encapsulation (GRE) is a tunneling protocol used to encapsulate and route data via a virtual point-to-point connection.

For Forcepoint ONE SSE Cloud SWG, Forcepoint allocates 0.1 megabits per second (Mbps) per licensed user per virtual datacenter.

Defines the audience of this document.

A Site represents a corporate location from which traffic will originate. While creating a Site, you can configure GRE tunnel through which traffic should be sent over to cloud and create or add subnets groups within the site.

After creating tunnels, you can monitor the status of each tunnel under Analyze > Tunnels page.

After creating GRE tunnels in Forcepoint ONE SSE, you should configure the tunnels on the Edge devices so that the web traffic flows between the edge device and Cloud SWG data centers. This topic describes the steps to configure GRE primary tunnel on Cisco IOS.

After creating GRE tunnels in Forcepoint ONE SSE, you should configure the tunnels on the Edge devices so that the web traffic flows between the edge device and Cloud SWG data centers. This topic describes the steps to configure GRE secondary tunnel on Cisco IOS.

Use the route map to only route the web traffic on ports 80 and 443 through the GRE tunnels.

By using the IP SLA, you can configure failover when the primary tunnel is down.

Lists useful show commands that may be handy while configuring tunnels.

This GRE configuration example is for Cisco ISR routers using Cisco IOS.

For each site you add, it is important to ensure that the High Availability (HA) failover capability is provisioned and configured correctly such that failover happens successfully when required.