About Configuring Connections for Secure Web Gateway
You can connect any site where you run a local network to Secure Web Gateway to route your web traffic there. For any connection, you can configure a range of IP addresses that you consider safe or a tunnel to route the traffic through it.
For this configuration, you configure one or more sites as a location.
To set up a tunnel from a location to Secure Web Gateway, you configure settings for a networking device or SD-WAN service that you run in your network. The traffic is then routed from the device or service to Secure Web Gateway and authenticated.
The routing follows the IPsec or GRE tunneling protocol.
Depending on the type of connectivity you have chosen, you need to complete one of the following configuration tasks:
-
Configure IP address ranges — When users send web traffic from IP addresses within these ranges, they pass authentication on Secure Web Gateway.
For more information, see About Configuring IP Address Ranges. - Configure an IPsec tunnel — When web traffic is routed through this type of tunnel, it follows the IPsec protocol.
For more information, see About Configuring an IPsec Tunnel. -
Configure GRE tunnels — When web traffic is routed through this type of tunnel, it follows the GRE protocol.
For more information, see About Configuring GRE tunnels.
For more information about how to configure connections for routing web traffic from a location to Secure Web Gateway, see Locations.
For more information about CIDR notation and SD-WAN, see Configuring IP Addresses Using CIDR Notation and Using an SD-WAN Service to Configure Connections for Secure Web Gateway.
For information about how to extend the protection against web threats that is ensured by Secure Web Gateway to mobile devices, see About Configuring Mobile Cloud Security.