Create a VPN Profile element

In the Management Client, create a VPN Profile element for the VPN connection to Private Access.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. In the Management Client, select Configuration, then browse to SD-WAN.
  2. Browse to Other Elements > Profiles > VPN Profiles.
  3. Select New > VPN Profile.
  4. In the Name field, enter a descriptive name.
    Example: Private Access VPN profile
  5. On the IKE SA tab, select the following options:
    • Version — IKEv2
    • Cipher Algorithms — Select only the supported options. Deselect the other options.
    • Message Digest Algorithms — Select only the supported options. Deselect the other options.
    • Diffie-Hellman Groups — Select only the supported options. Deselect the other options.
    • Authentication Method — Pre-Shared Key
    • Always Keep Tunnels Established — Select this option.

    For more information about the supported IPsec settings, see the Forcepoint Private Access Administrator Guide.

  6. On the IPsec SA tab, select the following options:
    • IPsec Type — ESP
    • Cipher Algorithms — Select only the supported options. Deselect the other options.
    • Message Digest Algorithms — Select only the supported options. Deselect the other options.
  7. Click OK.

Next steps

Create Host elements to define the source IP addresses that are used for incoming private application traffic.