This article describes how to create an IPSec tunnel between the cloud and on-site.

1) Open the firewall you created under Edge Gateways

2) Select IPSec VPN under services and click new

3) Enter a name and description if desired

4) Select your authentication type

Typically Pre-Shared key is selected as certificates are more complex.

5) Enter in the tunnel details

If you already have allocated a public IP to the firewall, you will enter that into the IP address. If not, please request a new IP from Public 2. In the networks section, enter the internal IP subnets you have allocated to your cloud environment.

For the Remote Endpoint IP address, please enter the remote IP address of the firewall. In the Networks section, this will be the remote internal subnet networks.

6) Once created, you will have a new tunnel.

If you wish to change the authentication methods, click on the tunnel and then security profile customization.

7) Now, you can adjust the settings of the IPSec tunnel security.

This must match both sides of the tunnel.