10.07.2015 Views

Configuring a WatchGuard SOHO to SOHO IPSec Tunnel



Frequently Asked Questions

Why do I need a static public address?

To create a connection, one SOHO must be able to find its partner device. If the addresses were allowed to change, the SOHO could not find its remote computer.

How do I get a static public IP address?

Contact your ISP. Some systems, like many cable modem systems, use dynamically assigned (DHCP) addresses to simplify basic installations. Some providers may also use this feature to discourage users from creating Web servers. These providers usually offer a static IP Address option.

How do I connect three or four offices together?

To connect more than two offices together, WatchGuard recommends designating one office to be the center of a star network configuration and upgrading it to a WatchGuard Firebox II, or Firebox II FastVPN. You can then manage multiple tunnels to SOHOs or other IPSec compliant devices from the central Firebox. In addition, the VPN Manager 2.0 add-on allows quick and easy creation and management of multiple tunnels.

How do I troubleshoot the connection?

Use the ping method described above. If you can ping the remote SOHO and computers behind it, your VPN tunnel is up and running. Any remaining problems probably reside with MS Networking or an application used.

When I ping, I am not receiving a reply from the SOHO.

If you cannot ping the remote SOHO, take the following steps to identify the problem:

1. Ping the public address of the remote SOHO.
   Following our example, from Site A, ping 108.200.23.101 (Site B). You should get a reply. If not, verify the Public Network Settings of Site B. If they are correct, verify that computers at Site B can access the internet. If you are still having trouble, contact your ISP.

2. Once you can ping the public address of each SOHO, try pinging the private address.
   From Site A, ping 10.10.10.20. If the tunnel is up, you should get a reply from the remote SOHO. If not, re-check the Local Settings page. Make sure that the local DHCP address ranges do not overlap. That is, be certain that the internal networks are different.

Glossary of Terms

DES – Data Encryption Scheme
A cryptographic mechanism used to encrypt data before placing it in the Internet system. Once the data is encrypted, it is safer to transport via the public Internet system. Without encryption, the data may be easily read by any computer along its route.

Tunnel
A tunnel is used to route traffic between two networks. Creating a tunnel between two SOHOs can join the two local networks, with each maintaining different private addresses.

WatchGuard SOHO with VPN Manager 2.1
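The two-step ping check from the FAQ, including the overlap test on the internal ranges, can be scripted as below. This is an added example, not WatchGuard code; the function names, the /24 prefix lengths and the Site A range are assumptions, and only 108.200.23.101 and 10.10.10.20 come from the text.

```python
import ipaddress
import subprocess

def ping(host, count=2, timeout_s=2):
    """True if host answers ICMP echo. Flags are those of Linux iputils ping (assumption)."""
    try:
        r = subprocess.run(["ping", "-c", str(count), "-W", str(timeout_s), host],
                           stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    except OSError:          # ping binary missing or not executable
        return False
    return r.returncode == 0

def lans_overlap(local_lan, remote_lan):
    """True if the two private ranges share any address (e.g. 10.10.0.0/16 vs 10.10.10.0/24)."""
    a = ipaddress.ip_network(local_lan, strict=False)
    b = ipaddress.ip_network(remote_lan, strict=False)
    return a.overlaps(b)

def diagnose(local_lan, remote_lan, remote_public, remote_private, ping_fn=ping):
    """Walk the FAQ steps in order and return (stage, advice)."""
    # Step 1: the remote SOHO's public address must answer before the tunnel can matter.
    if not ping_fn(remote_public):
        return ("public", "Verify the remote Public Network Settings and its "
                          "internet access; then contact the ISP.")
    # Step 2: a reply from the private address means the tunnel is carrying traffic.
    if ping_fn(remote_private):
        return ("ok", "Tunnel is up.")
    # Private ping failed: the FAQ's first suspect is overlapping internal ranges.
    if lans_overlap(local_lan, remote_lan):
        return ("overlap", "Internal networks overlap; renumber one site so the "
                           "ranges are different.")
    return ("tunnel", "Re-check the Local Settings page on both units.")

if __name__ == "__main__":
    # Site A range is constructed for illustration; Site B values follow the page's example.
    stage, advice = diagnose("192.168.1.0/24", "10.10.10.0/24",
                             "108.200.23.101", "10.10.10.20")
    print(stage + ": " + advice)
```

Passing a different `ping_fn` lets the same logic run against recorded results instead of live hosts.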
