The cloud security service establishes a secure tunnel from an Edge to the cloud security service sites. This ensures secured traffic flow to the cloud security services.
Procedure
- In the New Cloud Security Provider window, select a service type from the drop-down list:
After selecting the service type, configure the following settings:
Option Description Service Name Enter a descriptive name for the cloud security service. Primary Point-of-Presence/Server Enter the IP address or hostname for the Primary server. Secondary Point-of-Presence/Server Enter the IP address or hostname for the Secondary server. Note: In the Manual deployment, if you have selected Zscaler Cloud Security Service as Service Type and planning to assign a GRE tunnel, it is recommended to enter only IP address in the Primary and Secondary Server, and not the hostname, as GRE does not support hostnames.If you choose ZScaler cloud security service, then you can choose to automate the deployment by selecting the Automate Cloud Service Deployment checkbox.Note: Currenlty, IPsec Automation from Edge to Zscaler is only supported and the GRE Automation from Edge to Zscaler is not supported, but is planned for future releases.Configure the following if you choose to automate the cloud service deployment:
Option Description Zscaler Cloud Enter the Zscaler cloud service name. Partner Admin Username Enter the provisioned username of the partner admin. Partner Admin Password Enter the provisioned password of the partner admin. Partner Key Enter the provisioned partner key. Domain Enter the domain name on which the cloud service would be deployed. Note: For more information about Zscaler CSS automation, see Zscaler and VMware SD-WAN Deployment Guide.Click Validate Credentials.
Results
