VPN client settings and how they work
Forcepoint VPN Client settings are configured centrally in the SMC. The settings are automatically updated to the Forcepoint VPN Client from the engines when the clients connect.
What VPN client settings in the SMC do
The following settings are transferred from the gateway to the client:
- Routing information (VPN Site definitions). Generally, if an IP address that the client wants to contact is included in the Site definition, the traffic is routed into the VPN.
- Authentication settings
- Encryption settings
- Information about the gateway’s endpoints
- Settings for NAT traversal methods allowed
- Settings for local security checks on the client computer
- Secondary IPsec VPN gateways to contact in case there is a disruption at the IPsec VPN gateway end
Limitations
- When the Forcepoint VPN Client is first installed, it has no configuration. Either the user or the administrator must add the basic information about gateways, such as the IP address to use for connecting.
- There are version-specific dependencies between the Forcepoint VPN Client and Firewall/ VPN software. See the Release Notes of the Forcepoint VPN Client version you intend to use for information about compatibility with your Firewall/VPN gateway’s software version.
- The SMC does not create configurations for third-party VPN clients. You must create the configuration through the controls and tools of the third-party VPN client product.