Configuring a WatchGuard SOHO to SOHO IPSec Tunnel
Configuring a WatchGuard SOHO to SOHO IPSec Tunnel
Configuring a WatchGuard SOHO to SOHO IPSec Tunnel
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Verifying the <strong>Tunnel</strong>server on a computer on Site B with the IP address 10.10.10.253. Note that this can bethe same computer that houses the WINS server. (This field is optional.)Remote DomainThe remote domain behind the remote device (Site B). This is not applicable for a<strong>SOHO</strong> <strong>to</strong> <strong>SOHO</strong> <strong>IPSec</strong> VPN tunnel. Leave blank. (This field is optional.)Shared KeySimilar <strong>to</strong> a password, the phrase is used <strong>to</strong> authenticate both ends of the tunnel <strong>to</strong>each other; the shared key must be identical on both sites. In our example,Gu4c4mo!3.Remote Network AddressThe address of the network on the trusted side of the remote <strong>SOHO</strong>. In our example,we entered the local network address for Site B, 10.10.10.0.Subnet MaskThe mask of the network on the trusted side of the remote <strong>SOHO</strong>. In our example,255.255.255.0Encryption MethodYou can use either DES or the more secure 3DES. Whichever you select, it must matchthe encryption level set for the remote <strong>SOHO</strong>.Authentication MethodThe algorithm type (such as MD-5 or SHA-1). It must match the authenticationmethod set for the remote <strong>SOHO</strong>.Additional Networks Reachable Through <strong>Tunnel</strong>This is not applicable for a <strong>SOHO</strong> <strong>to</strong> <strong>SOHO</strong> <strong>IPSec</strong> VPN <strong>Tunnel</strong>. Leave blank.6 Review the configuration information you have entered. Click Submit at thebot<strong>to</strong>m of the page.7 A page will appear prompting you <strong>to</strong> reboot the <strong>SOHO</strong>. Confirm your settings;click Reboot.8 Repeat steps 1 through 7 for the Site B <strong>SOHO</strong>, using the IP address numbersappropriate <strong>to</strong> that installation. Make sure that the encryption, authenticationmethod, and shared secret for Site B are exactly the same as for Site A.Verifying the <strong>Tunnel</strong>The following methods allow you <strong>to</strong> verify that the tunnel created between the two<strong>SOHO</strong> devices is functional and passing communication packets back and forth.• Browse <strong>to</strong> the remote <strong>SOHO</strong>: Open a Web browser, such as Internet Explorer orNetscape Naviga<strong>to</strong>r. Browse <strong>to</strong> the private IP address of the remote <strong>SOHO</strong>. If thebrowser finds the site and opens the page, the tunnel is operational.• Ping the remote <strong>SOHO</strong>: From a machine behind one <strong>SOHO</strong>, open a command lineinterface such as MS-DOS Command Prompt (Windows machines). Enter the followingcommand:ping [Remote <strong>SOHO</strong> Local Network Address]In our example, we could start from a machine behind the Site A <strong>SOHO</strong> and enter:ping 10.10.10.20This would send a ping command <strong>to</strong> the Site B local network address. If a reply isreceived from Site B (as opposed <strong>to</strong> a “request timed out”) the tunnel is operational.<strong>IPSec</strong> <strong>Tunnel</strong> Configuration 5
Change language