Branch office VPN with IPSec
You can also change the network range of a WatchGuard client. However, when you save the configuration to the server, it automatically triggers the client to reboot and load the new policy.
From Policy Manager:
1Select Network => Branch Office VPN => Basic DVCP.
2Select the tunnel policy. Click Edit.
The DVCP Client Wizard opens and displays the tunnel properties.
3Use the Next and Back buttons to move through the DVCP Client Wizard and reconfigure tunnel properties. When complete, click Finish.
4Save the configuration file to the Firebox.
The next time the client contacts the server, it will automatically note the tunnel policy change and download the modifications. If the network address range on a client has changed, the client automatically restarts.
Removing a tunnel to a device
When a tunnel is removed, the DVCP client can no longer communicate with the server. The next time the DVCP client tries to contact the server, contact will be denied. If these settings were never manually configured, the client will use 192.168.111.0/24 as the DHCP network range.
From Policy Manager:
1Select Network => Branch Office VPN => Basic DVCP.
2Select the tunnel policy. Click Remove.
The policy is removed from the DVCP Configuration dialog box.
Defining a Firebox as an Enhanced DVCP Client
If a Firebox is part of a DVCP VPN setup, enable it as a client and configure its settings.
From Policy Manager:
1Select Network => Enhanced DVCP Client.
2Enable the Enable this Firebox as a DVCP Client checkbox.
3 In the Firebox Name field, specify the name of the Firebox.
4To log messages for the DVCP client, enable the Enable debug log messages for the DVCP Client checkbox.
5To add DVCP servers that the client can communicate with, click Add.
6 Enter the IP address. Enter the scared secret. Click OK.
Branch office VPN with IPSec
IPSec is a protocol that encrypts and/or authenticates traffic at the IP level between any mix of arbitrary hosts and security gateways. For more information about IPSec
124
