Sample Vpn Address Information Table - Watchguard Firebox X15 User Manual

Branch Office Virtual Private Networks

Sample VPN address information table

Item
External IP Address
Local Network
Address
Shared Key
Encryption Method
Authentication
256
Description
The IP address that identifies the IPSec-compatible device
on the Internet. ISP Example:
Site A: 207.168.55.2
Site B: 68.130.44.15
An address used to identify a local network. These are the
IP addresses of the computers on each side that are
allowed to send traffic through the VPN tunnel. We
recommend that you use an address from one of the
reserved ranges:
10.0.0.0/8—255.0.0.0
172.16.0.0/12—255.240.0.0
192.168.0.0/16—255.255.0.0
The numbers after the slashes indicate the subnet masks. /
24 means that the subnet mask for the trusted network is
255.255.255.0. For more information on entering IP
addresses in slash notation, see this FAQ:
https://www.watchguard.com/support/advancedfaqs/
general_slash.asp You Example:
Site A: 192.168.111.0/24
Site B: 192.168.222.0/24
The shared key is a passphrase used by two IPSec-
compatible devices to encrypt and decrypt the data that
goes through the VPN tunnel. The two devices use the
same passphrase. If the devices do not have the same
passphrase, they cannot encrypt and decrypt the data
correctly.
Use a passphrase that contains numbers, symbols,
lowercase letters, and uppercase letters for better security.
For example, Gu4c4mo!3 is better than guacamole.
Example:
Site A: OurSharedSecret
Site B: OurSharedSecret
DES uses 56-bit encryption. 3DES uses 168-bit encryption.
AES encryption is available at the 128-bit, 192-bit, and 256-
bit levels. AES-256 bit is the most secure encryption. The
two devices must use the same encryption method.
Example:
Site A: 3DES; Site B: 3DES
The two devices must use the same authentication
method.
Example:
Site A: MD5 (or SHA1)
Site B: MD5 (or SHA1)
Assigned by
ISP
You
You
You
You
Firebox X Edge e-Series