Prepare for SD-WAN setup
Make sure you complete these steps before you configure your SD-WAN solution:
-
Configure your branches as locations in ETP. Make sure the public IP addresses of branches are configured as locations in ETP. To create a location, see Create a location.
-
Generate a pre-shared key (PSK). To generate a PSK, see Generate a pre-shared key.
-
Take note of the IPsec fully qualified domain names (FQDNs). When configuring your SD-WAN solution, you need these FQDNs to establish a primary and secondary (backup) tunnel to ETP:
primary.ipsec.akaetp.net
secondary.ipsec.akaetp.net
Some SD-WAN solutions may require the IP addresses that resolve from these FQDNs. To determine these IP addresses, you’ll need to ping these FQDNs from your SD-WAN appliance.
-
Configure IPsec credentials in ETP. Before you configure your SD-WAN solution, you must configure ETP with the PSK you generated and create the IKE Identifier. For more information, see Configure IPsec credentials in ETP.
Generate a pre-shared key
On Linux or macOS, complete this procedure to generate a pre-shared key (PSK) with a minimum of 24 characters. Make sure this key is a random sequence of characters and does not form a word that can be found in a dictionary.
To generate a pre-shared key:
Open a command line and enter this command:
head -c 24 /dev/urandom | base64
Configure IPsec credentials in ETP
Before you begin:
Make sure you generate a pre-shared key. For instruction, see Generate a pre-shared key.
Complete this procedure to add IPsec credentials to ETP. These credentials are required to set up IPsec tunnels between your SD-WAN solution and ETP.
To configure IPsec credentials:
-
In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Connection Credentials.
-
In the IPsec Credentials section, click the plus sign.
-
Enter a unique identifier. This identifier you provide, as well the configuration ID and FQDN that are already included form the IKE identifier.
-
In the key field, enter the pre-shared key (PSK) and confirm the key value.
-
Click Save.
Updated 20 days ago