Create Policy-Based VPN elements

In the Management Client, create a Policy-Based VPN element for each of the two tunnels, then define the topology and tunnel settings.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration, then browse to SD-WAN.
  2. Browse to Policy-Based VPNs.
  3. Select New > Policy-Based VPN.


  4. In the Name field, enter a descriptive name.
    Example: PA to hosting site VPN 1
  5. From the Default VPN Profile drop-down list, select the custom VPN Profile element that you created.
  6. Click OK.
    The Policy-Based VPN opens for editing.
  7. Configure the VPN topology.
    Add the External VPN Gateway element as a central gateway, and the VPN Gateway element that represents the NGFW Engine as a satellite gateway.
    1. In the pane on the left, browse to VPN Gateways.


    2. Drag and drop the External VPN Gateway element to the Central Gateways list on the Site-to-Site VPN tab.
    3. Drag and drop the VPN Gateway element that represents the NGFW Engine to the Satellite Gateways list on the Site-to-Site VPN tab.
  8. On the Tunnels tab, double-click the Key field, then enter or paste the pre-shared key from the Private Access management portal.
  9. Click Save to save the changes to the policy-based VPN, then close the VPN editing view.

Next steps

Repeat these steps to create a Policy-Based VPN element for the second connection, then configure access rules and NAT rules.