WatchGuard Technologies WatchGuard SOHO and SOHO | tc Configuring Virtual Private Networking

Page 55

CHAPTER 4 Configuring Virtual

Private Networking

This chapter describes an optional feature of the WatchGuard SOHO: virtual private networking with IPSec.

NOTE

The following WatchGuard SOHOs support IPSec tunnels:

•WatchGuard SOHO with VPN Feature Key •WatchGuard SOHOtc

Why create a virtual private network?

Virtual Private Networking (VPN) tunnels enable you to simply and securely connect computers in two locations without requiring expensive, dedicated point-to-point data connections. With VPN, you use low cost connections to the Internet to create a virtual connection between two branch offices. Unlike a simple, un-

User Guide 2.3

43

Image 55

Contents WatchGuard Soho User Guide Copyright and patent information Registration and identification informationUser Guide Iii WatchGuard Soho End-User License AgreementPage User Guide WatchGuard Limited Hardware Warranty User Guide Vii Welcome Redeeming Soho upgrade certificatesFollowing conventions are used throughout this guide Using this guidePage Table of Contents Additional Soho Features Pre-installation checklist InstallationBefore you begin Determine your current TCP/IP settings Performing manual installationOther operating systems Unix, Linux Microsoft Windows NT orMicrosoft Windows 95 or 98 or ME MacintoshDisable your browser’s Http proxy Internet Explorer Netscape 4.5 orCabling the Soho for one to four devices Physically connecting your SohoThis creates a connection between the Soho and the modem Cabling the Soho for more than four computers This creates a connection between the Soho and the modem Physically connecting your Soho How does a firewall work? Setting Up Your Soho NetworkNetwork addressing Configuring your public networkDouble-click the Network icon Configuring your public network Configuring the Soho public network for dynamic addressing On your computer Configuring the Soho public network for static addressingSelect the Obtain an IP address automatically option. Click Click Public Network On the SohoConfiguring Soho public network for PPPoE Click Automatically restore lost connections Release and renew the IP configurationConfiguring your private network Configure additional computers to the private network Select System Administration Changing the Soho system name and passwordSelect System Password Default factory settings Default factory settings Virtual Private Networking IPSec VPN is not installed Troubleshooting installation and network configurationHow do I change to a Dhcp private IP address? What do the on and Mode lights signify on the SOHO?Where are the Soho settings stored? How do I register my SOHO?How do I change to a static private IP address? How do I allow any incoming service?Click Services and then click Allowed Incoming Services How do I set up and disable Web blocking?How do I allow incoming IP protocols? VPN Management How do I set up VPN between two SOHOs?How do I set up my Soho for remote configuration? How do I reboot my SOHO?How do I reset the Soho to factory defaults? How do I get to the Soho Knowledge Base? Set a password on my unit, but I forgot it. Can you help?How do I install a Soho using a Macintosh? How does the seat limitation on the Soho work?How can I see the MAC address of my SOHO? What is a Soho feature key?Cant get a certain Soho feature to work with a DSL modem How do I register for Live Security?How does information travel on the internet? Configuring Services for a SohoIP addresses Port number ServicesWatchGuard Soho services ProtocolNetwork address translation Allowing incoming servicesSelect Allowed Incoming Services Adding a pre-configured incoming serviceClick Add a Service Click Add Other TCP or UDP Service Creating a custom incoming serviceAdding an incoming TCP or UDP service Click Allowed Incoming Services. Click Add a ServiceAdding the Any service Adding an incoming service with another type of protocolClick Add Other Service Click Add Any Service Removing an incoming serviceClick Allowed Incoming Services Blocking a TCP or UDP service Blocking outgoing servicesClick Remove a Service Blocking an alternative protocol Select Blocked Outgoing ServicesClick Block TCP or UDP Service Click Blocked Outgoing ServicesClick Remove Blocked Service Removing a blocked outgoing serviceWhy create a virtual private network? Configuring Virtual Private NetworkingOne WatchGuard Soho with VPN and an IPSec-compliant Device What you will needIP Address Table example Step-by-step instructions for configuring a Soho VPN tunnel About Feature KeysObtaining a VPN Feature Key Enabling the VPN Feature KeySpecial considerations How do I connect three or four offices together? Frequently asked questionsWhy do I need a static public address? How do I get a static public IP address?How do I enable a VPN Tunnel? How do I obtain a VPN Feature Key?OK, ping is not working Frequently asked questions Socks for Soho Additional Soho FeaturesSoho Socks implementation Configuring your Socks application on the SohoDisabling Socks on the Soho Select Service OptionsClick System Information Setting a remote log hostSoho logging Viewing Soho log messagesClick System Administration Rebooting a WatchGuard SohoSelect Remote Logging Rebooting a WatchGuard Soho How WebBlocker works WatchGuard Soho WebBlockerBypassing the Soho WebBlocker Web site not in WebBlocker databaseWeb site in WebBlocker database WatchGuard WebBlocker database unavailablePurchasing and enabling Soho WebBlocker Configuring the Soho WebBlockerSelect Web Blocking WebBlocker categories Enter the full access passwordAlcohol/Tobacco Satanic/Cult Search Engines Click Check if the URL is on the CyberNOT List Searching for blocked sitesIndex Primary IP address 44 secondary IP address TCP UDP