Focus

Netskope Integration Guide

Create an IPsec Tunnel

Table of Contents

Create an IPsec Tunnel

Learn how to create an IPsec tunnel between Prisma SD-WAN and Netskope security cloud.

Navigate to

Map

Claimed Devices

Click the ellipsis menu for the device to be configured with the IPsec tunnel and select

Configure the device

Select

Interfaces

Click the

sign on the Interface panel.

Select

Standard VPN

and click

Add

On the tunnel configuration page, configure the following:

Give the tunnel a name.

Configure the

Standard VPN

type as

IPsec

Parent interface

should be set to the outboundinterface.

Inner Tunnel IP / Address Mask

should be set to an internal IP behind your device that you should allocate for the tunnel.

Set the

endpoint

configured from the previous step.

Peer IP

can be used to configure the Netskope endpoint’s IP. This configuration is skipped in this example, since the endpoint configuration in the previous step has the Netskope POP’s IP addresses configured already.

Select the

IPSEC Profile

that was created for Netskope.

Add an

IPSEC Authentication Override

to configure IPsec authentication settings local to the site.

Type

should be Pre-Shared Key.

Configure the same Pre-shared key at both the Prisma SD-WAN andNetskope endpoints.

Local ID

can be set to Interface IP Address or FQDN.

To configure a local FQDN, choose

Local ID Type

Custom

andconfigure a FQDN under Local ID.

Click

Create Standard VPN

Create a Service Group

Create a Path Policy

Netskope Integration Guide

Create an IPsec Tunnel

Create an IPsec Tunnel

Recommended For You