Create a Tunnel on Netskope
Log in to your Netskope UI.
On the Home page, click Settings in the bottom left.
Under Settings, click Security Cloud Platform.
Under Traffic Steering, click IPSec. The IPSec page lists all your configured IPSec tunnels.
Click Add New Tunnel. The Add New IPSec Tunnel page opens.
Enter or select the new tunnel parameters as follows:
Parameter
Description
Tunnel Name
Enter a descriptive name for the tunnel. For example, use some combination of the appliance name and interface name.
Source IP Address (optional)
The public IP address of the WAN interface on the EdgeConnect appliance that will originate the IPSec tunnel.
In Unity Orchestrator, you can determine an interface’s public IP address on the
Interfaces page (Configuration > Networking > Interfaces).
Source Identity
Enter a unique name that will identify the EdgeConnect source for this tunnel.
You will use the source identity as the Local IKE Identifier when configuring the tunnel on the EdgeConnect appliance.
Primary Netskope POP
Select a primary Netskope POP that is geographically closest to the EdgeConnect appliance that will originate the tunnel.
Failover Netskope POP
Select a failover POP from the list of those available.
Pre-shared Key
Enter a complex pre-shared key that both sides of the tunnel will use to authenticate one another.
You will need to use the same pre-shared key when configuring the tunnel on the EdgeConnect appliance.
Encryption Cipher
Select AES128-CBC or AES256-CBC for encrypting the connection.
Maximum Bandwidth
Select the maximum bandwidth to allow on the tunnel.
When the tunnel configuration is complete, click Add.
You should see the new tunnel displayed on the Netskope IPSec page.
