About Managed Vpns; Set Up Manual Vpn Tunnels; What You Need For Manual Vpn - Watchguard Firebox X15 User Manual
Firebox x edge e-series version 10 all firebox x edge e-series standard and wireless models
Hide thumbs
Also See for Firebox X15:
- User manual (266 pages) ,
- Quick start manual (2 pages) ,
- Reference manual (264 pages)
Table of Contents
Advertisement
About managed VPNs
You can configure a VPN tunnel on the Firebox X Edge e-Series with two procedures: Managed VPN and
Manual VPN. For information on creating a Manual VPN tunnel, see
The WatchGuard Management Server (previously known as the DVCP Server) uses DVCP (Dynamic VPN
Configuration Protocol) to keep the VPN tunnel configuration. DVCP is the WatchGuard protocol that you can
use to create IPSec tunnels easily. We use the name Managed VPN because the Management Server manages
the VPN tunnel and sends the VPN configuration to your Firebox X Edge. An Edge administrator must type
only a small quantity of information into the Edge configuration pages.
You must have WatchGuard System Manager and a Firebox III, Firebox X Core, or Firebox X Peak to have a
Management Server. When your Firebox X Edge gets its VPN configuration from a Management Server, your
Edge is a client of the Management Server in a client-server relationship. The Edge gets all of its VPN
configuration from the Management Server.
To configure a Firebox X Edge to allow WatchGuard System Manager access for the creation of VPN tunnels,
see
About WatchGuard System Manager
Set up manual VPN tunnels
To create a VPN tunnel manually to another Firebox X Edge or to a Firebox III or Firebox X, or to configure a
VPN tunnel to a device that is not a WatchGuard device, you must use Manual VPN. Use this section to
configure Manual VPN on the Edge.
What you need for Manual VPN
In addition to the VPN requirements at the start of this chapter, you must have this information to create a
Manual VPN tunnel:
You must know whether the IP address assigned to the other VPN device is static or dynamic. If the
other VPN device is dynamic, your Firebox X Edge must find the other device by domain name and the
other device must use Dynamic DNS.
You must know the shared key (passphrase) for the tunnel. The same shared key must be used by the
two devices.
You must know the encryption method used for the tunnel (DES, 3DES, AES-128 bit, AES-192 bit, or
AES-256 bit). The two VPN devices must use the same method.
You must know the authentication method for each end of the tunnel (MD5 or SHA1). The two VPN
devices must use the same authentication method.
We recommend that you write down your Firebox X Edge configuration, and the related information for the
other device. See the
User Guide
access.
Sample VPN address information table
Branch Office Virtual Private Networks
Create Manual VPN tunnels on your
to record this information.
Edge.
255
Hide quick links:
Advertisement
Table of Contents
