Netskope Help

Netskope IPSec with Versa Director

This guide explains the network and system configuration for the Versa Operating System (VOS) using Versa Director and the Netskope Security Cloud Platform using Secure Web Gateway (NG-SWG).

This document is for experienced network and system administrators who are responsible for configuring and managing public and private cloud infrastructure. It is presumed that admins are aware of virtualization concepts, technologies, and setup of network devices.

Supported Software Versions
  • Versa Director: 20.2.1

  • Versa Analytics: 20.2.1

  • Versa VOS: 20.2.1

  • Netskope R73+

Description

Versa SD-WAN Implementation where internet traffic needs to be sent to Netskope’s Next Generation Secure Web Gateway, this guide captures the configuration of the Versa Operating System (VOS) using Versa Director (Orchestrator), and the required Netskope configurations.

Netskope interoperability with Versa branches can be achieved using Site-to-Site IPSec VPN or GRE from the Versa WAN-Edge device to a Netskope Next Generation Secure Web Gateway (NG-SWG) based on parameters provided by Netskope.  

Netskope and Versa support both IKEv2/IPSec and GRE-based tunnels.

Topology
VersaTopology.png
Configuration

To establish an IPSec Tunnel, this information is required.

SWG Parameters

Versa Parameters

Description

Source Identity

IKE – Peer IP

Peer IP to establish IPsec

Primary POP/Secondary POP

Local ID – IP

IKE

Primary POP/Secondary POP

Remoted ID – IP Address

PSK

PSK

Pre-shared Key

Policy

Example:

Match HTTP and HTTPS

Match policy for Policy based tunnel

IKE Version V2

IKE Version V2