Configure Split Tunneling - Watchguard Firebox SOHO 6 Wireless User Manual

15 Set the authentication in the Authentication Algorithm drop-
down list. The options are None (no authentication), MD5-
HMAC (128-bit authentication) or SHA1-HMCA (160-bit
authentication).
16 Set the type of encryption in the Encryption Algorithm drop-
down list. The options are None (no authentication), DES-CBC
or 3DES-CBC.
17 Click the Enable Perfect Forward Secrecy check box, if
necessary.
When this option is set, each new key that is negotiated is derived by a new
Diffie-Hellman exchange instead of from only one Diffie-Hellman
exchange. This option gives more security, but increases the time
necessary for the communication because of the additional exchange.
18 Set the number of kilobytes until key expiration.
19 Set the number of hours until key expiration.
20 Set the IP address of the local network and the remote network
that must use Phase 2 negotiation.
21 Click Submit.

Configure split tunneling

The split tunneling feature allows the system administrator to
direct all Internet traffic from the trusted network through the
VPN tunnel. Without split tunneling, only traffic directed to the
other end of the VPN tunnel is sent through the tunnel and the
traffic for other Internet addresses is sent directly to the Internet.
Split tunneling allows the control of access to Internet Web sites
from one location.
116 WatchGuard Firebox SOHO 6 Wireless