Create a Second Tunnel on Netskope
Log in to the Netskope UI.
On the Home page, click Settings in the bottom left.
Under Settings, click Security Cloud Platform.
Under Traffic Steering, click IPSec. The IPSec page will list all your configured IPSec tunnels.
Click the Add New Tunnel button at the top of the page. The Add New IPSec Tunnel page opens.
Enter or select the new tunnel parameters as follows:
Parameter
Description
Tunnel Name
Enter a descriptive name for the tunnel. For example, use some combination of the appliance name and interface name.
Source IP Address
The public IP address of the WAN interface on the EdgeConnect appliance that will originate the IPSec tunnel.
In Unity Orchestrator, you can determine an interface’s public IP address on the Interfaces page (Configuration > Networking > Interfaces).
Source Identity
Enter a unique name that will identify the EdgeConnect source for this tunnel.
Use the source identity as the Local IKE Identifier when configuring the tunnel on the EdgeConnect appliance.
Primary Netskope POP
Select the same primary Netskope POP that was used for the first tunnel.
Failover Netskope POP
Select the same failover POP that was used for the first tunnel.
Pre-shared Key
Enter a complex pre-shared key that both sides of the tunnel will use to authenticate one another.
Use the same pre-shared key when configuring the tunnel on the EdgeConnect appliance.
Encryption Cipher
Select AES128-CBC or AES256-CBC for encrypting the connection.
Maximum Bandwidth
Select the maximum bandwidth to allow on the tunnel.
When the tunnel configuration is complete, click Add.
You should see the new tunnel displayed on the Netskope IPSec page.
