Connect private application hosting sites
To forward remote access requests to your internal applications, configure IPsec tunnels between your private application hosting locations and the Private Access service.
Two tunnels are required for connection redundancy. Tunnels are configured as active-active, always-on. Traffic can be routed to either tunnel by the Private Access service.
The edge device at your application hosting location must be capable of connecting to the Forcepoint cloud gateways using the supported IPsec settings for Private Access.
Note:
Private Access performs network address translation on incoming requests to your private applications. Your edge device must be configured with access
lists to allow traffic to/from Private Access at the following addresses:
- Tunnel 1: 116.50.59.232
- Tunnel 2: 116.50.59.234
Note: The connection status shown on the page for new tunnels will be displayed as Not connected until traffic has passed through the tunnel.