Example VPN configuration 2: create a VPN Profile element

The VPN Profile must contain VPN settings that match the settings defined on the external VPN gateway.

Before you begin

You must have defined a site for the external VPN gateway in configuration 2.

Note: This configuration scenario does not explain all settings related to VPN Profiles.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration, then browse to SD-WAN.
  2. Browse to Other Elements > Profiles > VPN Profiles.
  3. Right-click VPN Profiles, then select New VPN Profile.
  4. In the Name field, enter a unique name.
  5. On the IKE SA tab, configure the IKE SA settings.
    1. Select the Version.
      You can select IKEv1, IKEv2, or both. If both versions are selected, IKEv2 is tried first in the negotiations, and IKEv1 is only used if the remote gateway does not support IKEv2.
    2. In the Cipher Algorithms section, select one or more encryption methods that match the settings of the external gateway device.
      We recommend that you limit the selection to as few choices as possible. Do not select DES unless you are required to do so. DES is no longer secure because it is relatively easy to break DES encryption with modern computers. 3DES (Triple-DES) has a relatively high overhead compared to other algorithms with a comparable level of security. For this reason, 3DES is not a good choice when high throughput is required.
      Note: The restricted (-R) product version has no strong encryption algorithms.
    3. Select the Message Digest Algorithm that matches the settings of the external gateway device.
      • In IKE, the message digest algorithm is used for integrity checking and key derivation.
      • If you select SHA-2, define the Minimum Length for the digest: 256, 384, or 512 bits. Set the length so that it is in line with the overall security strength.
    4. Select the Diffie-Hellman group or groups (used for key exchange) that are allowed for use with the external gateway device.
      We recommend that you select from groups 14-21 according to the security requirements for the VPN. Groups 1, 2, and 5 are not sufficiently secure in all cases, although they might be required for interoperability with legacy systems.
    5. Select the Authentication Method.
    6. If IKEv1 is selected as the Version, adjust the SA Lifetime in Minutes to match the settings of the external gateway device.
      In IKEv2, lifetime is set locally, so it does not have to match the lifetime settings of the external gateway.
    7. If one of the Gateways has a dynamic IP address, change the IKEv1 Negotiation Mode to Aggressive.
  6. On the IPsec SA tab, configure the IPsec SA settings.
    1. Select the IPsec Type:
      • The recommended setting is ESP (the communications are encrypted).
      • Usually, AH is not a valid option. The AH setting disables encryption for the VPN, fully exposing all traffic that uses the VPN to anyone who intercepts it in transit. You can use AH to authenticate and check the integrity of communications without encrypting them.
    2. In the Cipher Algorithms section, select one or more encryption methods that match the settings of the external gateway device.
      • Do not select Null. This option disables encryption and allows anyone to view the data in transit.
      • Do not select DES unless you are required to do so. DES is no longer secure, as it is relatively easy to break DES encryption with modern computers.
      • 3DES (Triple-DES) has a relatively high overhead compared to other algorithms with a comparable level of security. It is not a good choice when high throughput is required.
      • AES-GCM-128 or AES-GCM-256 are recommended for high-speed networks.
    3. Select the Message Digest Algorithm that matches the settings of the external gateway device.
      • In IPsec, the message digest algorithm is used for integrity checking (except when authenticated encryption such as AES-GCM is used).
      • If you select SHA-2, define the Minimum Length for the digest: 256, 384, or 512 bits. Set the length so that it is in line with the overall security strength.
    4. Make sure that Compression Algorithm is set to None.
      The external gateway must not use compression.
    5. Adjust the IPsec Tunnel Lifetime to match the settings of the external gateway device.
    6. Select the Security Association Granularity for Tunnel Mode that matches the settings of the external gateway device.
    7. (Recommended) Select Use PFS with Diffie-Hellman Group if the external gateway device can use perfect forward secrecy (PFS), and select the Diffie-Hellman group to use with PFS.
      We recommend that you select from groups 14-21 according to the security requirements for the VPN. Groups 1, 2, and 5 are not considered sufficiently secure in all cases, although they might be required for interoperability with legacy systems.
  7. Click OK.
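As an added example (not the product's own code or part of this guide), the following Python lint encodes the checks the procedure above asks you to make: cipher and Diffie-Hellman choices, the compression setting, lifetime matching when IKEv1 is in use, the negotiation mode for a gateway with a dynamic IP address, and PFS. The dict layout and field names are assumptions made for this example only.

```python
# Added example, not product code: lint a VPN Profile's IKE SA and IPsec SA
# settings against the procedure above. Profiles and the external gateway are
# plain dicts here, an assumption for this example, not the product's data model.

RECOMMENDED_DH = set(range(14, 22))   # groups 14-21, as the procedure recommends
LEGACY_DH = {1, 2, 5}                 # acceptable only for legacy interoperability

def _check_ciphers(selected, remote, tab, findings):
    """Cipher checks shared by the IKE SA and IPsec SA tabs."""
    if not set(selected) & set(remote):
        findings.append(("error", f"{tab}: no cipher in common with the external gateway"))
    if "Null" in selected:
        findings.append(("error", f"{tab}: Null disables encryption and exposes all traffic"))
    if "DES" in selected:
        findings.append(("warning", f"{tab}: DES is no longer secure; select it only if required"))
    if "3DES" in selected:
        findings.append(("warning", f"{tab}: 3DES has a high overhead for its security level"))

def _check_dh(groups, what, findings):
    """Diffie-Hellman group checks shared by IKE key exchange and PFS."""
    if set(groups) & LEGACY_DH:
        findings.append(("warning", f"{what}: groups 1, 2 and 5 are not secure enough in all cases"))
    if not set(groups) & RECOMMENDED_DH:
        findings.append(("warning", f"{what}: select from Diffie-Hellman groups 14-21"))

def lint_profile(profile, gateway):
    """Return (severity, message) findings; [] means the profile follows the procedure."""
    findings = []
    ike, ipsec = profile["ike"], profile["ipsec"]
    _check_ciphers(ike["ciphers"], gateway["ike_ciphers"], "IKE SA", findings)
    _check_dh(ike["dh_groups"], "IKE SA", findings)
    if "IKEv1" in ike["versions"]:  # IKEv2 lifetimes are set locally and need not match
        if ike["sa_lifetime_min"] != gateway["ike_sa_lifetime_min"]:
            findings.append(("error", "IKE SA: IKEv1 SA lifetime must match the external gateway"))
        if gateway["dynamic_ip"] and ike["mode"] != "Aggressive":
            findings.append(("warning", "IKE SA: gateway has a dynamic IP; use Aggressive mode"))
        if ike["mode"] == "Aggressive" and ike["auth"] == "Pre-Shared Key":
            findings.append(("warning", "IKE SA: Aggressive mode with pre-shared keys; prefer certificates"))
    _check_ciphers(ipsec["ciphers"], gateway["ipsec_ciphers"], "IPsec SA", findings)
    if ipsec["compression"] != "None":
        findings.append(("error", "IPsec SA: Compression Algorithm must be None"))
    if ipsec["tunnel_lifetime_min"] != gateway["ipsec_lifetime_min"]:
        findings.append(("error", "IPsec SA: tunnel lifetime must match the external gateway"))
    if gateway["supports_pfs"]:
        if ipsec["pfs_group"] is None:
            findings.append(("warning", "IPsec SA: gateway supports PFS; select Use PFS"))
        else:
            _check_dh([ipsec["pfs_group"]], "IPsec SA PFS", findings)
    return findings

# Constructed sample input (illustrative values): a profile that follows most,
# but not all, of the advice above, against a gateway with a dynamic IP address.
SAMPLE_GATEWAY = {"ike_ciphers": ["AES-256", "3DES"], "ipsec_ciphers": ["AES-GCM-256", "DES"],
                  "ike_sa_lifetime_min": 1440, "ipsec_lifetime_min": 480,
                  "dynamic_ip": True, "supports_pfs": True}
SAMPLE_PROFILE = {"ike": {"versions": ["IKEv1", "IKEv2"], "ciphers": ["AES-256", "3DES"],
                          "dh_groups": [2, 14], "auth": "Pre-Shared Key", "mode": "Main",
                          "sa_lifetime_min": 1440},
                  "ipsec": {"ciphers": ["AES-GCM-256", "DES"], "compression": "Deflate",
                            "tunnel_lifetime_min": 480, "pfs_group": 5}}
```

Running `lint_profile(SAMPLE_PROFILE, SAMPLE_GATEWAY)` reports seven findings, of which only the Deflate compression setting is an error; the rest are the warnings the procedure's recommendations imply.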

Next steps

Create a Policy-Based VPN element.

VPN Profile Properties dialog box

Use this dialog box to define the properties of a VPN Profile.

Option Definition
General tab
Name: The name of the element.
Comment

(Optional)

A comment for your own reference.
Overview section: A preview of the selections made on the other tabs is shown.
Option Definition
IKE SA tab
Versions: Select the IKE version.
Note: If both versions are selected, IKEv2 is tried first in the negotiations, and IKEv1 is only used if the remote gateway does not support IKEv2.
  • IKEv1 — Internet Key Exchange version 1.
  • IKEv2 — Internet Key Exchange version 2.
Cipher Algorithms: Select encryption methods that are appropriate for the sensitivity of the transferred information and any regulations that you might have to follow.

We recommend that you limit the selection if possible, preferably using only one. If you select several options, multiple proposals are sent in IKE negotiations.

  • AES-128 — Advanced Encryption Standard cipher algorithm with a 128-bit key size.
  • AES-256 — Advanced Encryption Standard algorithm with a 256-bit key size.
  • DES — Data Encryption Standard algorithm. Do not select this option unless you are required to do so. DES is no longer considered secure because it is relatively easy to break DES encryption with modern computers.
  • Blowfish — Blowfish cipher algorithm.
  • 3DES — Triple DES algorithm. Applies the DES cipher algorithm three times to each data block. This option has a high overhead compared to other algorithms with a comparable level of security. It is not a good choice when high throughput is required.
Note: The restricted (-R) product version has no strong encryption algorithms.
Message Digest Algorithms: Used for integrity checking and key derivation. We recommend that you select just one of these options if you have no specific reason to select more.
  • SHA-1 — The SHA-1 hash function.
  • SHA-2 — The SHA-2 hash function. Define the minimum length according to the security requirements for the VPN.
  • MD5 — The MD5 message-digest algorithm.
Diffie-Hellman Groups: Select one or more groups for key exchange. We recommend that you select from groups 14-21 according to the security requirements for the VPN.
Note: Groups 1, 2, and 5 are not considered sufficiently secure in all cases, although they might be required for interoperability with legacy systems.
  • 1 (768 bits) — Diffie-Hellman key exchange with a 768-bit modulus.
  • 2 (1024 bits) — Diffie-Hellman key exchange with a 1024-bit modulus.
  • 5 (1536 bits) — Diffie-Hellman key exchange with a 1536-bit modulus.
  • 14 (2048 bits) — Diffie-Hellman key exchange with a 2048-bit modulus.
  • 15 (3072 bits) — Diffie-Hellman key exchange with a 3072-bit modulus.
  • 16 (4096 bits) — Diffie-Hellman key exchange with a 4096-bit modulus.
  • 17 (6144 bits) — Diffie-Hellman key exchange with a 6144-bit modulus.
  • 18 (8192 bits) — Diffie-Hellman key exchange with an 8192-bit modulus.
  • 19 (ECP 256 bits) — Diffie-Hellman key exchange with 256-bit elliptic curve.
  • 20 (ECP 384 bits) — Diffie-Hellman key exchange with 384-bit elliptic curve.
  • 21 (ECP 521 bits) — Diffie-Hellman key exchange with 521-bit elliptic curve.
Authentication Method: The method that gateways in the VPN use to authenticate to each other.
  • Pre-Shared Key — To remain secure, requires that you periodically change the pre-shared keys for each tunnel in the VPN elements.
  • RSA Signatures — Requires that each Gateway has a valid certificate.
  • DSS Signatures — Requires that each Gateway has a valid certificate.
  • ECDSA Signatures — Requires that each Gateway has a valid certificate.
The authentication method you select here is used for site-to-site VPNs. Mobile VPNs have separate settings on the IPsec Client tab.
SA Lifetime in Minutes

The time limit after which IKE SA negotiations are done again in a continuously used VPN. This setting also defines the authentication timeout for the Forcepoint VPN Client.

Change this setting only if you have a specific reason to do so. The SA lifetime must match the settings of the external gateway device.

This setting affects tunnels that carry traffic continuously. Tunnels that are not used are closed after a short delay regardless of the lifetime set. Renegotiations improve security, but might require heavy processing. The default lifetime is 1440 minutes.

IKEv1 Negotiation Mode (Only if the Version is IKEv1): The negotiation mode for IKEv1 key exchange.
  • Main — Main negotiation mode (recommended) protects the identity information of the Gateways so that malicious parties cannot gain information about the Gateway's identity by launching IKE negotiations with the gateway.
  • Aggressive — Aggressive negotiation mode skips some steps that are included in the main mode, resulting in quicker negotiations. For security reasons, we recommend that you do not use the aggressive negotiation mode if you use pre-shared keys for authentication.

    Select Aggressive mode for VPNs that involve a gateway with a dynamic IP address. In this case, we recommend that you use certificates for authentication rather than pre-shared keys.

Always Keep Tunnels Established: When selected, the NGFW Engine keeps the IPsec VPN tunnels established even when no traffic is sent through the VPN tunnel. When the value for the SA Lifetime in Minutes option (for IKE SA) or the value for the IPsec Tunnel Lifetime option (for IPsec SA) is exceeded, the tunnel is automatically renegotiated even if there is no traffic in the VPN tunnel.
Option Definition
IPsec SA tab
IPsec Type: Select one or more options to define integrity checking and data origin authentication for IP datagrams.
  • ESP — (Recommended) Encapsulating Security Payload. The communications are encrypted.
  • AH — Authentication Header. Usually, AH alone is not a valid option. The AH setting disables encryption for the VPN, fully exposing all traffic that uses the VPN to anyone who intercepts it in transit. You can use AH to authenticate and check the integrity of communications without encrypting them.
Cipher Algorithms: The VPN encryption method. We recommend that you limit the selection to as few choices as possible, preferably only one.
  • AES-128 — Advanced Encryption Standard cipher algorithm with a 128-bit key size.
  • AES-256 — Advanced Encryption Standard algorithm with a 256-bit key size.
  • AES-GCM-128 — Advanced Encryption Standard Galois/Counter Mode encryption algorithm with a 128-bit key size. Recommended for high-speed networks.
  • AES-GCM-256 — Advanced Encryption Standard Galois/Counter Mode encryption algorithm with a 256-bit key size. Recommended for high-speed networks.
  • DES — Data Encryption Standard algorithm. Do not select this option unless you are required to do so. DES is no longer considered secure because it is relatively easy to break DES encryption with modern computers.
  • Blowfish — Blowfish cipher algorithm.
  • 3DES — Triple DES algorithm. Applies the DES cipher algorithm three times to each data block. This option has a high overhead compared to other algorithms with a comparable level of security. It is not a good choice when high throughput is required.
  • Null — Do not select this option unless you want to disable encryption. This option fully exposes all traffic that uses the VPN to anyone who intercepts it in transit. You can use Null encryption to authenticate and check the integrity of communications without encrypting them.
Note: The restricted (-R) product version has no strong encryption algorithms.
Message Digest Algorithms: Used for integrity checking, except when authenticated encryption such as AES-GCM is used. We recommend that you select just one of these options if you have no specific reason to select more.
  • SHA-1 — The SHA-1 hash function.
  • SHA-2 — The SHA-2 hash function. Define the minimum length according to the security requirements for the VPN.
  • AES-XCBC-MAC — The AES-XCBC-MAC Message Authentication Code hash function.
  • MD5 — The MD5 message-digest algorithm.
Compression Algorithm: Options for compressing the data in the VPN to reduce the bandwidth use on congested links.
  • Deflate — Compresses the data. This compression requires processing and memory resources, which increases latency. Latency might also increase for non-VPN traffic. Do not select this option if the resource utilization is high. Gateways at both ends of each tunnel involved must support the option.
  • None — (Recommended for most environments) Sends the data without compressing it. Provides better performance when bandwidth congestion for VPN traffic is not a constant issue or if there is significant processor load.
IPsec Tunnel Lifetime

(Optional)

Limits after which IPsec SA negotiations are done again in a continuously used VPN. Reaching either the time or data amount limits triggers new IPsec SA negotiations, which must happen at regular intervals to guarantee security.

This setting affects tunnels that carry traffic continuously. Tunnels that are not used are closed after a short delay regardless of the lifetime set here. IPsec SA negotiations are lighter on the processor than IKE SA negotiations, but still require some processing. Too frequent renegotiations can reduce performance down to unacceptable levels.

Note: There is a separate setting for the SA Lifetime on the IKE SA tab. The SA Lifetime must be longer than the IPsec Tunnel Lifetime.

The default is 480 minutes with no limit on the amount of transferred data.

Security Association Granularity: Defines the level at which security associations (SA) are created.
  • SA per Net — Creates an SA for each network from which connections are made through the VPN. This setting reduces the overhead when there are many hosts making connections through the VPN.
  • SA per Host — Creates an SA for each host that makes connections through the VPN. This setting might provide more even load balancing in clusters than the per net setting, but increases the overhead, because per host usually requires more SAs to be negotiated.
Use PFS with Diffie-Hellman Group

(Optional)

Select one of the Diffie-Hellman groups. We recommend that you select from groups 14-21 according to the security requirements for the VPN.
Note: Groups 1, 2, and 5 are not considered sufficiently secure in all cases, although they might be required for interoperability with legacy systems.
When you use this option, the gateways calculate new values for key negotiations when renegotiating the SAs instead of deriving the values from previously negotiated keying material. This setting increases security if a key is compromised.
Disable Anti Replay Window

(Optional)

The anti-replay window feature provides protection against attacks in which packets are replayed. When enabled, the gateway keeps track of the sequence numbers of the arriving packets, and discards any packet whose number matches the number of a packet that has already arrived.

It is usually recommended to leave the anti-replay window enabled. However, if QoS is applied to ESP/AH traffic, some of the ESP packets (for the same SA) might be delayed due to the classification and arrive at the destination so late that the anti-replay window has moved too far. This behavior causes the packets to be dropped. In this case, it might be necessary to disable the anti-replay window.

Disable Path MTU Discovery

(Optional)

Prevents the gateway from sending ICMP "Fragmentation needed" messages to the originator when the packet size (including the headers added for IPsec) exceeds the Ethernet-standard 1500 bytes. If this option is selected, packets might be fragmented for transport across the VPN and reassembled at the receiving gateway. Selecting the option might be necessary if ICMP messages do not reach the other gateway or the other gateway does not react to them correctly.
Option Definition
IPsec Client tab

If a VPN Profile that contains VPN client settings is used in a route-based VPN, the VPN Client settings are ignored.

Authentication Method

Enables certificate-based authentication.

This option is always used for the Gateway certificates for the Gateways involved in mobile VPNs, and if certificate authentication is used, also for the client. Certificate authentication does not need separate activation. However, you must configure the issuing authority separately as trusted and you must create certificates for the VPN clients in a manual process.

  • RSA Signatures — Requires that each Gateway has a valid certificate.
  • DSS Signatures — Requires that each Gateway has a valid certificate.
  • ECDSA Signatures — Requires that each Gateway has a valid certificate.
Allow Hybrid / EAP Authentication

(Optional)

(Forcepoint VPN Client only)

Allows users of the Forcepoint VPN Client to authenticate by filling in a user name and password or a similar authentication scheme provided by an external authentication server. The gateway still authenticates itself to the VPN clients using a certificate.
Allow CN Authentication

(Optional)

(Certificate authentication only)

Allows using the common name (CN) of the certificates for authentication. The CN is checked against a value entered in User elements.
Allow Pre-Shared Key Authentication with IKEv1

(Optional)

Select this option if you have third-party VPN clients that use a pre-shared key for authenticating the VPN clients and the gateway. The pre-shared key is defined in the properties of User elements that have Pre-Shared Key Method as an authentication method.

The Forcepoint VPN Client does not support this method.

CAUTION:
The pre-shared key option requires aggressive mode IKE negotiations in the mobile VPN. In aggressive mode, user information is not protected, so we recommend that you take precautions, such as not using the same user name for the users as they have when they access other services in your internal network.
IPsec Security Association Granularity for Tunnel Mode: Defines the level at which security associations (SA) are created in Tunnel Mode. The Forcepoint VPN Client supports only SA per Net.
  • SA per Net — Creates a security association (SA) for each network from which connections are made through the VPN. This setting reduces the overhead when there are many hosts making connections through the VPN.
  • Allow SA to Any Network — (Valid only for third-party IPsec VPN Clients) Select this option together with SA per Net to support both the Forcepoint VPN Client and any third-party VPN clients that only support SAs negotiated per Host.
  • SA per Host — Creates an SA for each host that makes connections through the VPN. This setting might provide more even load balancing in clusters than the per net setting, but increases the overhead, because per host usually requires more SAs to be negotiated.
Option Definition
Certificate Authorities tab
Trust All: The gateway trusts all certificate authorities, unless restricted in the VPN element. This option is the default setting.
Trust only selected: The gateway trusts only the certificate authorities that you select in the table. You can also restrict trusted CAs in VPN Gateway and External VPN Gateway elements. If you restrict trusted CAs in both the gateway and the VPN Profile, make sure that any two gateways that form a VPN tunnel trust the same CA after all defined restrictions are applied.