WatchGuard Technologies SOHO 6.1 manual What You Need

Page 102

Chapter 8: VPN—Virtual Private Networking

What You Need

One WatchGuard SOHO 6 with VPN and an IPSec- compliant appliance.

NOTE

While you can create a SOHO 6 to SOHO 6 VPN, you can also create a VPN with a WatchGuard Firebox II/III, Firebox Vclass, or other IPSec- compliant appliances.

The following information from your Internet service provider for both appliances:

-Static IP address

-Primary DNS (Domain Name Service) IP address (optional)

-If available, a secondary DNS address

-Domain name (optional)

Network addresses and subnet mask for networks. By default, the Trusted network address of the SOHO 6 is 192.168.111.0 and the subnet mask is 255.255.255.0.

NOTE

The internal networks on either end of the VPN tunnel must use different network addresses.

To create an IPSec tunnel between appliances you must add information to the configuration files of each that is specific to the site, such as external and trusted IP addresses. It is imperative to keep these addresses accurate. WatchGuard recommends making a table of IP addresses such as the one outlined below.

84

WatchGuard Firebox SOHO 6.1

Page 101 Page 103
Image 102
Page 101 Page 103
Contents WatchGuard Firebox Soho User Guide Using this Guide Following conventions are used in this guideCE Notice Certifications and NoticesFCC Certification Industry CanadaVcci Notice Class a ITE Declaration of Conformity Watchguard Soho Software END-USER License Agreement User Guide Vii Viii WatchGuard Firebox Soho Copyright, Trademark, and Patent Information WatchGuard Firebox Soho User Guide Xii WatchGuard Firebox Soho Contents Configure the Network Interfaces Configure the Firewall Settings VPN-Virtual Private Networking Index 117 Xviii WatchGuard Firebox Soho Introduction WelcomePackage Contents How Does a Firewall Work? How Does Information Travel on the Internet? IP addressesProtocol Port numbers ServicesHow Does the Soho 6 Process Information? Network Address TranslationFaster Processor Soho 6 Hardware DescriptionSoho 6 front and rear views Ethernet ports100 StatusLink ModeOPT port WAN port Reset buttonPower input Numbered portsIntroduction WatchGuard Firebox Soho Installation Before You Begin Review and record your current TCP/IP settingsClick Start = Programs = Accessories = Command Prompt Microsoft Windows 2000 and Windows XPMacintosh Microsoft Windows NTMicrosoft Windows 95 or 98 or ME Other operating systems Unix, LinuxDisable the Http proxy setting of your Web browser Exit the TCP/IP configuration screenNetscape Click Edit = PreferencesInternet Explorer 5.0, 5.5, Enable your computer for DhcpClick Start = Settings = Control Panel Click Tools = Internet OptionsClick Properties Physically connect the Soho Cabling the Soho 6 for one to four appliances Cabling the Soho 6 for more than four computers Physically connect the Soho Soho 6 is now connected to the Internet and your hub Soho 6 Basics Soho 6 Home Page-System StatusSoho 6 Basics Default Factory Settings External NetworkTrusted Network Upgrade Options Reset a Soho 6 to factory defaultFirewall Settings System SecurityRegister your Soho 6 and Activate the LiveSecurity Service Base model SohoReboot the Soho Reboot the Soho Soho 6 Basics WatchGuard Firebox Soho Configure Network Interfaces Configure Your External NetworkNetwork addressing Configure the Soho 6 External Network for dynamic addressing Configure the Soho 6 External Network for static addressing Manual ConfigurationNetwork = External Configure the Soho 6 External Network for PPPoE Click Automatically restore lost connections Configure the Trusted Network Configure Dhcp Server and Dhcp RelayTrusted Network Configuration page appears Configure additional computers on the Trusted Network Configure the Trusted Network with static addresses Network = TrustedConfigure Static Routes Click Add View Network Statistics Network = Network StatisticsConfigure the Dynamic DNS Service Select the Enable Dynamic DNS client checkboxNetwork = DynamicDNS Configure OPT Port Upgrades Configure Dual ISP PortConfigure OPT Port Upgrades Network = Dual ISP Configure VPNforce Port Network = Optional Configure OPT Port Upgrades Configure the Network Interfaces WatchGuard Firebox Soho Administrative Options System Security System managementAdministration = System Security Set up VPN Manager Access Soho Remote ManagementAdministration = VPN Manager Access Select Enable VPN Manager AccessUpdate Your Firmware Administration = UpdateRedeem your Soho 6 Upgrade Options Administration = Upgrade Upgrade optionsSeat Licenses VPNforce Port LiveSecurity Service Subscription RenewalsDual ISP Port IPSec Virtual Private Networking VPNView the Configuration File Administration = View Configuration FileConfigure Firewall Settings Firewall SettingsConfigure Incoming and Outgoing Services Pre-configured ServicesFirewall = Incoming or Outgoing Create a Custom Service Firewall = Custom Service Custom Service page refreshesBlock External Sites Blocked Sites page appears Firewall Options Firewall = Firewall OptionsPing requests received on the External Network Denying FTP access to the Trusted Network interfaceSelect Do not allow FTP access to Trusted Network Socks implementation for the SohoConfiguring your Socks application Logging all allowed outbound traffic Disabling Socks on the SohoEnable override MAC address for the External Network Select Log All Allowed Outbound AccessSelect Enable override MAC address for the External Network Select Enable pass through address Create an Unrestricted Pass ThroughFirewall = Pass Through Create an Unrestricted Pass Through Configure the Firewall Settings WatchGuard Firebox Soho Configure Logging View Soho 6 Log Messages From the navigation bar on the left side, select LoggingTo have your log messages synchronize with your computer Select Enable WatchGuard Security Event Processor Logging Set up Logging to a Syslog Host Select Enable syslog outputLogging = Syslog Logging Set the System Time Select Include local time in syslog messageSelect Adjust for daylight savings time Select a time zone from the drop listConfigure Logging WatchGuard Firebox Soho Why Create a Virtual Private Network? VPN-Virtual Private NetworkingWhat You Need IP Address Table example Enable the VPN Upgrade Special Considerations Frequently Asked QuestionsWhy do I need a static external address? How do I get a static external IP address?How do I enable a VPN Tunnel? Why is ping not working?How do I obtain a VPN upgrade license key? How do I troubleshoot the connection?Set Up Multiple SOHO-SOHO VPN Tunnels VPN = Manual VPNSoho 6 you want to set up a VPN tunnel Enter the Name, IPSec Gateway Address, and Shared Key forSet Up Multiple SOHO-SOHO VPN Tunnels Forward Secrecy Configure Split Tunneling Muvpn ClientsView the VPN Statistics StatisticsSoho 6 WebBlocker How WebBlocker WorksWeb site not in the WebBlocker database Web site in the WebBlocker databaseWatchGuard WebBlocker database unavailable Bypass the Soho 6 WebBlocker Purchase and Activate Soho 6 WebBlockerWebBlocker users and groups GroupsConfigure the Soho 6 WebBlocker WebBlocker = SettingsActivate WebBlocker Select Enable WebBlocking Create WebBlocker Groups and UsersClick New to create a group name and profile Click Submit To the right of the Users field, click New WebBlocker Categories Alcohol/tobaccoIllegal Gambling Satanic/cult Militant/extremistDrug Culture IntoleranceSearch Engines Gross DepictionsViolence/profanity Sports and LeisureSexual Acts Full NudityPartial/artistic Nudity Troubleshooting Tips Support ResourcesGeneral How do I register my Soho 6 with the LiveSecurity Service? How do I restart my Soho 6?What is a Soho 6 Feature Key? Cant get a certain Soho 6 feature to work with a DSL modemHow does the seat limitation on the Soho 6 work? 110 How do I set up Dhcp on the trusted network of the Soho 6? ConfigurationWhere are the Soho 6 settings stored? Select Enable Dhcp Server and then click SubmitDisable Enable Dhcp Server and then click Submit How do I set up and disable Webblocker?How do I change to a static, trusted IP address? Firewall = Incoming VPN Management How do I set up my Soho 6 for VPN Manager Access? How do I set up VPN to a Soho 6s?Online Documentation and In-Depth FAQs Contact Technical supportIndex NumericsWAN Socks Redeeming 57 types Upgrade page 58 upgrading Processor WebBlocker 122
Related manuals
Manual 8 pages 29.02 Kb
Top Page Image Contents