Skip to main content

Netskope Help

Netskope Forward Proxy over IPSec/GRE with Azure AD SAML Auth

Netskope integrates with identity providers to gather user identity information for traffic steered through an IPSec or GRE tunnel. This guide explains how to configure Azure AD SAML Auth with Netskope Forward Proxy over IPSec or GRE tunnels. This guide does not cover how to configure an IPSec or GRE tunnel and installing Netskope certificates onto the devices connecting to the web via the tunnel. Refer to IPSec and GRE to configure your tunnels and install certificates on devices before proceeding with these instructions.


The integration requires the following steps in the order specified.

  1. Get Netskope SAML settings.

  2. Configuring an Enterprise Application in Microsoft Azure Active Directory for SAML Auth.

  3. Add account in Netskope SAML – Forward Proxy.

  4. Enable authentication and configure SAML Auth domain bypass settings.

  5. Test SAML Auth via IPSec or GRE tunnel

  6. Check Skope IT events

  7. Bypass SAML Auth Authentication