Make sure you complete these steps before you configure your SD-WAN solution:

Configure your branches as locations in ETP. Make sure the public IP addresses of branches are configured as locations in ETP. To create a location, see Create a location.
Generate a pre-shared key (PSK). To generate a PSK, see Generate a pre-shared key.
Take note of the IPsec fully qualified domain names (FQDNs). When configuring your SD-WAN solution, you need these FQDNs to establish a primary and secondary (backup) tunnel to ETP:
- primary.ipsec.akaetp.net
- secondary.ipsec.akaetp.net
Some SD-WAN solutions may require the IP addresses that resolve from these FQDNs. To determine these IP addresses, you’ll need to ping these FQDNs from your SD-WAN appliance.
Configure IPsec credentials in ETP. Before you configure your SD-WAN solution, you must configure ETP with the PSK you generated and create the IKE Identifier. For more information, see Configure IPsec credentials in ETP.

Generate a pre-shared key

On Linux or macOS, complete this procedure to generate a pre-shared key (PSK) with a minimum of 24 characters. Make sure this key is a random sequence of characters and does not form a word that can be found in a dictionary.

To generate a pre-shared key:

Open a command line and enter this command:

head -c 24 /dev/urandom | base64

Configure IPsec credentials in ETP

Before you begin:
Make sure you generate a pre-shared key. For instruction, see Generate a pre-shared key.

Complete this procedure to add IPsec credentials to ETP. These credentials are required to set up IPsec tunnels between your SD-WAN solution and ETP.

To configure IPsec credentials:

In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Connection Credentials.
In the IPsec Credentials section, click the plus sign.
Enter a unique identifier. This identifier you provide, as well the configuration ID and FQDN that are already included form the IKE identifier.
In the key field, enter the pre-shared key (PSK) and confirm the key value.
Click Save.