WatchGuard Technologies WatchGuard SOHO and SOHO | tc manual What you will need

Page 56

What you will need

encrypted Internet connection, a VPN connection eliminates any significant risk of data being read or altered by outside users as it traverses the Internet.

What you will need

1One WatchGuard SOHO with VPN and an IPSec-compliant

device.

While you can create a SOHO to SOHO VPN, you can also create a VPN with a WatchGuard Firebox or other IPSec-compliant devices.

2The following information from your Internet service provider for both devices:

-Static IP address

-Default gateway address

-Primary domain name service (DNS) IP address

-If available, a secondary DNS address

-Domain name

3Network addresses and subnet mask for networks. By default, the Private, network address of the SOHO is 192.168.111.0 and the subnet mask is 255.255.255.0.

NOTE The internal networks on either end of the VPN tunnel must use different network addresses.

To create an IPSec tunnel between devices you must add information to the configuration files of each that is specific to the site, such as public and private IP addresses. It is imperative to keep these addresses straight. WatchGuard recommends making a table of IP addresses such as the one outlined below.

44

Image 56

Contents WatchGuard Soho User Guide Registration and identification information Copyright and patent informationWatchGuard Soho End-User License Agreement User Guide IiiPage User Guide WatchGuard Limited Hardware Warranty User Guide Vii Redeeming Soho upgrade certificates WelcomeUsing this guide Following conventions are used throughout this guidePage Table of Contents Additional Soho Features Before you begin InstallationPre-installation checklist Performing manual installation Determine your current TCP/IP settingsMicrosoft Windows NT or Microsoft Windows 95 or 98 or MEMacintosh Other operating systems Unix, LinuxDisable your browser’s Http proxy Netscape 4.5 or Internet ExplorerPhysically connecting your Soho Cabling the Soho for one to four devicesThis creates a connection between the Soho and the modem Cabling the Soho for more than four computers This creates a connection between the Soho and the modem Physically connecting your Soho Setting Up Your Soho Network How does a firewall work?Configuring your public network Network addressingDouble-click the Network icon Configuring your public network Configuring the Soho public network for dynamic addressing Select the Obtain an IP address automatically option. Click Configuring the Soho public network for static addressingOn your computer On the Soho Click Public NetworkConfiguring Soho public network for PPPoE Release and renew the IP configuration Click Automatically restore lost connectionsConfiguring your private network Configure additional computers to the private network Select System Password Changing the Soho system name and passwordSelect System Administration Default factory settings Default factory settings Troubleshooting installation and network configuration Virtual Private Networking IPSec VPN is not installedWhat do the on and Mode lights signify on the SOHO? Where are the Soho settings stored?How do I register my SOHO? How do I change to a Dhcp private IP address?How do I allow any incoming service? How do I change to a static private IP address?How do I allow incoming IP protocols? How do I set up and disable Web blocking?Click Services and then click Allowed Incoming Services How do I set up VPN between two SOHOs? VPN ManagementHow do I reset the Soho to factory defaults? How do I reboot my SOHO?How do I set up my Soho for remote configuration? Set a password on my unit, but I forgot it. Can you help? How do I install a Soho using a Macintosh?How does the seat limitation on the Soho work? How do I get to the Soho Knowledge Base?What is a Soho feature key? Cant get a certain Soho feature to work with a DSL modemHow do I register for Live Security? How can I see the MAC address of my SOHO?IP addresses Configuring Services for a SohoHow does information travel on the internet? Services WatchGuard Soho servicesProtocol Port numberAllowing incoming services Network address translationClick Add a Service Adding a pre-configured incoming serviceSelect Allowed Incoming Services Creating a custom incoming service Adding an incoming TCP or UDP serviceClick Allowed Incoming Services. Click Add a Service Click Add Other TCP or UDP ServiceClick Add Other Service Adding an incoming service with another type of protocolAdding the Any service Click Allowed Incoming Services Removing an incoming serviceClick Add Any Service Click Remove a Service Blocking outgoing servicesBlocking a TCP or UDP service Select Blocked Outgoing Services Click Block TCP or UDP ServiceClick Blocked Outgoing Services Blocking an alternative protocolRemoving a blocked outgoing service Click Remove Blocked ServiceConfiguring Virtual Private Networking Why create a virtual private network?What you will need One WatchGuard Soho with VPN and an IPSec-compliant DeviceIP Address Table example About Feature Keys Obtaining a VPN Feature KeyEnabling the VPN Feature Key Step-by-step instructions for configuring a Soho VPN tunnelSpecial considerations Frequently asked questions Why do I need a static public address?How do I get a static public IP address? How do I connect three or four offices together?OK, ping is not working How do I obtain a VPN Feature Key?How do I enable a VPN Tunnel? Frequently asked questions Additional Soho Features Socks for SohoConfiguring your Socks application on the Soho Soho Socks implementationSelect Service Options Disabling Socks on the SohoSetting a remote log host Soho loggingViewing Soho log messages Click System InformationSelect Remote Logging Rebooting a WatchGuard SohoClick System Administration Rebooting a WatchGuard Soho WatchGuard Soho WebBlocker How WebBlocker worksWeb site not in WebBlocker database Web site in WebBlocker databaseWatchGuard WebBlocker database unavailable Bypassing the Soho WebBlockerSelect Web Blocking Configuring the Soho WebBlockerPurchasing and enabling Soho WebBlocker Enter the full access password WebBlocker categoriesAlcohol/Tobacco Satanic/Cult Search Engines Searching for blocked sites Click Check if the URL is on the CyberNOT ListIndex Primary IP address 44 secondary IP address TCP UDP