Add an Access rule to redirect traffic to the Web Security Cloud VPN

In the SMC Management Client, add an Access rule to redirect traffic to the Forcepoint Web Security Cloud VPN.

The Firewall Template policy contains rules that allow the policy-based VPN traffic and maintain the VPN tunnels.

If you use a custom top-level template, you must allow this traffic in the policy. Make sure that at least the ISAKMP (UDP) Service is allowed between the gateways.

For more details about the product and how to configure features, click Help or press F1.

Steps

Select Configuration.
Browse to Policies > Firewall Policies.
Right-click a policy, then select Edit Firewall Policy.

Add an Access rule that redirects the traffic to the Forcepoint Web Security Cloud VPN.

Source	Destination	Service	Action
Local networks	ANY	The HTTP and HTTPS Service elements.	(When the Forcepoint NGFW version is 6.6 or higher) Allow. In the Action options, select Apply VPN as the VPN Action. Select the Web Security Cloud VPN element, then click OK. (When the Forcepoint NGFW version is 6.5 or lower) Use VPN. Select the Web Security Cloud VPN element, then click OK.

Source

Destination

Service

Action

Local networks

ANY

The HTTP and HTTPS Service elements.

(When the Forcepoint NGFW version is 6.6 or higher)

Allow. In the Action options, select Apply VPN as the VPN Action. Select the Web Security Cloud VPN element, then click OK.

(When the Forcepoint NGFW version is 6.5 or lower)

Use VPN. Select the Web Security Cloud VPN element, then click OK.

Click Save and Install.