Overview
This article outlines the requirements and process for configuring an IPSec Site-to-Site VPN with Softdrive. It explains what information is needed and what to expect during the setup process.
Applies To
- Softdrive Cloud Environment
- Site-to-Site VPN (IPSec)
- Customer VPN Appliances (Fortinet, SonicWall, Palo Alto, etc.)
Prerequisites
- You have a VPN-capable firewall or appliance configured on your network
- Examples include Fortinet, SonicWall, Palo Alto, or similar devices
- You have access to your network’s public IP address
- You have identified the internal subnet(s) that need to communicate with Softdrive
Procedure
Follow these steps to configure the Site-to-Site VPN:
- Provide the required information to Softdrive:
- Public IP address of your CPE (Customer Premises Equipment / VPN endpoint)
- Device manufacturer and model (e.g., Fortinet, SonicWall, Palo Alto)
- Internal subnet(s) that should be routed through the VPN tunnel
- Softdrive will configure the VPN on its side using the provided information
- Softdrive will provide the necessary configuration details for your side:
- Peer IP addresses
- IPSec pre-shared keys
- Two tunnel configurations for active/passive high availability (HA)
- Configure your VPN appliance using the information provided by Softdrive
- Ensure the tunnel is established and traffic is successfully routing between networks
Expected Result
A secure IPSec Site-to-Site VPN tunnel is successfully established between the customer network and Softdrive, allowing traffic to flow between the defined subnets.
Troubleshooting
- Verify the public IP address is correct and reachable
- Confirm subnet definitions match on both sides
- Ensure IPSec parameters are supported and correctly configured
- Check firewall rules allowing VPN traffic
- Review device logs for tunnel negotiation errors