Define a policy-based VPN

To define a policy-based VPN, first you define some basic properties for the VPN, then you add gateways.

These steps provide an overview of the VPN configuration process. For detailed instructions, see the Forcepoint Next Generation Firewall Product Guide.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration, then browse to SD-WAN.
  2. Browse to Policy-Based VPNs.
  3. Right-click Policy-Based VPNs, then select New Policy-Based VPN.
  4. In the Name field, enter a name for the VPN.
  5. (Optional) From the Default VPN Profile drop-down list, select the VPN Profile element that defines the settings for authentication, integrity checking, and encryption.
  6. Click OK.
    The Policy-Based VPN opens for editing.
  7. On the Site-to-Site VPN tab, drag and drop the gateways that you want to include in this VPN into either of the two panes for the VPN topology.
    • To allow a gateway to establish a VPN tunnel with any other gateway in the VPN, add it to the Central Gateways pane.
    • To allow a gateway to establish a VPN tunnel only with central gateways in this VPN, add it to the Satellite Gateways pane.
  8. Click Save.
  9. Add Access rules and possibly also NAT rules to direct outgoing traffic to the VPN and allow incoming traffic from the VPN.
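
The Central/Satellite rule from step 7 can be checked on paper before you drag gateways into the panes. The following is an added example, not part of the product documentation or any Forcepoint tool: it lists the tunnels a planned topology permits and compares them with the site pairs that need one. The gateway names and the required-pairs list are constructed, and treating a gateway placed in both panes as an input error is an assumption of this model.

```python
from itertools import combinations


def allowed_tunnels(central, satellite):
    """Return the gateway pairs that may form a tunnel under the pane rules.

    Central gateways may tunnel with any other gateway in the VPN;
    satellite gateways may tunnel only with central gateways.
    """
    central, satellite = set(central), set(satellite)
    overlap = central & satellite
    if overlap:
        # Assumption of this model: one pane per gateway.
        raise ValueError(f"gateway listed in both panes: {sorted(overlap)}")
    tunnels = {frozenset(pair) for pair in combinations(sorted(central), 2)}
    tunnels |= {frozenset((c, s)) for c in central for s in satellite}
    return tunnels


def review_topology(central, satellite, required_pairs):
    """Compare the permitted tunnels with the pairs that need one.

    blocked  - required pairs the topology does not permit
    unneeded - permitted pairs nobody asked for (least-privilege review)
    """
    permitted = allowed_tunnels(central, satellite)
    required = {frozenset(pair) for pair in required_pairs}

    def as_sorted_tuples(pairs):
        return sorted(tuple(sorted(pair)) for pair in pairs)

    return {
        "blocked": as_sorted_tuples(required - permitted),
        "unneeded": as_sorted_tuples(permitted - required),
    }


if __name__ == "__main__":
    # Constructed sample plan: two central sites, two branch offices.
    plan = review_topology(
        central=["hq-gw", "dc-gw"],
        satellite=["branch-a", "branch-b"],
        required_pairs=[("hq-gw", "branch-a"), ("hq-gw", "branch-b"),
                        ("branch-a", "branch-b")],
    )
    for label, pairs in plan.items():
        print(label, pairs)
```

A pair reported as blocked means at least one of the two gateways has to be in the Central Gateways pane. A pair reported as unneeded is a candidate for tightening the topology or the Access rules in step 9.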