Expand all | Collapse all
Create an IPsec Tunnel
Learn how to create an IPsec tunnel between Prisma SD-WAN
and Netskope security cloud.
Click the ellipsis menu for the device to be configured
with the IPsec tunnel and select
Configure the device
.
Click the
+
sign on the Interface
panel.
Select
Standard VPN
and click
Add
.
On the tunnel configuration page, configure the following:
Configure the
Standard VPN
type as
IPsec
.
Parent interface
should be set to
the outboundinterface.
Inner Tunnel IP / Address Mask
should
be set to an internal IP behind your device that you should allocate
for the tunnel.
Set the
endpoint
configured from the
previous step.
Peer IP
can be used to configure the
Netskope endpoint’s IP. This configuration is skipped in this example,
since the endpoint configuration in the previous step has the Netskope
POP’s IP addresses configured already.
Select the
IPSEC Profile
that was
created for Netskope.
Add an
IPSEC Authentication Override
to
configure IPsec authentication settings local to the site.
Type
should be Pre-Shared
Key.
Configure the same Pre-shared key at both the Prisma SD-WAN
andNetskope endpoints.
Local ID
can be set to Interface IP
Address or FQDN.
To configure a local FQDN, choose
Local ID Type
as
Custom
andconfigure
a FQDN under Local ID.
Click
Create Standard VPN
.