Skip to main content
Skyhigh Security

Send web traffic to SSE through an IPsec tunnel

Skyhigh Security WSGS authenticates the traffic that it receives through an IPsec tunnel configured from any site or location.

NOTE: IP addresses are supported in IPv4 format. Specify IP address ranges using CIDR notation with a network size range of 8–32 bits.

 
  1. On the Skyhigh CASB navigation bar, click the Settings icon.
  2. Select Infrastructure > Web Gateway Setup.
  3. Click New Location, then provide a name for the location.
  4. Select IPsec Mapping, select an option from the Client ID Type drop-down list, then configure your identity settings:
    • Use Client Address — Provide an IP address or domain name for the Client Address.
    • Use Fully Qualified Domain Name — Provide the FQDN for the Client ID and an IP address or domain name for the Client Address.
    • Use specific IPv4 Address — Provide an IPv4 address for the Client ID and an IP address or domain name for the Client Address.
    • Use a User FQDN — Provide the FQDN for the user, such as an email address, in the Client ID field and an IP address or domain name for the Client Address.
  5. In the Pre-Shared Key field, provide a key value that you define. Skyhigh Security WSGS uses this value to authenticate web traffic received through the IPsec tunnel.
  6. In the Subnet field, specify your network's internal IP addresses. Optionally add a comment, then click the + icon to add another subnet to the list.
  7. Click Save.
    The named location is saved with IPsec mapping configured.

You can publish saved changes to the cloud now or keep working and publish later.

  • Was this article helpful?