Using DVCP to connect to devices

Note also that if you configure a SOHO for both Basic and Enhanced DVCP, the gateway names must be different.

From Policy Manager:

1 Select Network => Branch Office VPN => Basic DVCP.

The DVCP Configuration dialog box appears.

2 Click Add.

3 Enter a distinctive name for the DVCP client. Enter the shared key. Click Next.

The client name appears in the DVCP Configuration dialog box as well as the Control Center Firebox and Tunnel Status display.

4 Enter the address range that the DVCP client will be able to access.

5 Select a client type:

Telecommuter IP Address

The SOHO is assigned a single IP address. This is the device’s virtual IP address on the Trusted network of the Firebox to which the device will be allowed access.

SOHO Private Network

The SOHO is assigned an entire network.

6 Click Next.

7 Use the Type drop list to select an encryption type.

Options include: ESP (Encapsulating Security Payload) or Authentication Only.

8 Use the Authentication drop list to select an authentication method.

Options include: None (no authentication), MD5-HMAC (128-bit algorithm), and SHA1-HMAC (160-bit algorithm).

9 Use the Encryption drop list to select an encryption method.

Options include: None (no encryption), DES-CBC (56-bit encryption), and 3DES-CBC (168-bit encryption).

10 Enter values to set the interval to force key expiration. Enter traffic in kilobytes and/or time in hours.

The default values are 8192 kilobytes or 24 hours.

11 Click Next. Click Finish.

The new policy appears in the DVCP Configuration dialog box. The WatchGuard device can now be connected, powered on, and configured. As part of the configuration process, it will automatically download the appropriate tunnel information. You must provide the DVCP client administrator with the Client Name, shared key, and the server external interface IP address.
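The choices made in steps 7 through 10 decide how much protection the tunnel gives. The following check is an added example, not part of the WatchGuard software or this guide: it reviews one combination of the listed options and shows which key expiration limit is reached first. The function names and finding codes are hypothetical, and it assumes that Authentication Only carries no encryption and that the key expires at whichever limit is hit first.

```python
# Added example: review of the Basic DVCP tunnel options from steps 7-10.
# Function names and finding codes are hypothetical, not WatchGuard's.
AUTH_BITS = {"None": 0, "MD5-HMAC": 128, "SHA1-HMAC": 160}
ENC_BITS = {"None": 0, "DES-CBC": 56, "3DES-CBC": 168}
TYPES = ("ESP", "Authentication Only")


def audit_tunnel(tunnel_type, authentication, encryption):
    """Return sorted finding codes for one tunnel policy."""
    if (tunnel_type not in TYPES or authentication not in AUTH_BITS
            or encryption not in ENC_BITS):
        raise ValueError("value is not one of the options listed in the guide")
    findings = set()
    # Assumption: "Authentication Only" carries no encryption at all.
    enc_bits = 0 if tunnel_type == "Authentication Only" else ENC_BITS[encryption]
    auth_bits = AUTH_BITS[authentication]
    if enc_bits == 0:
        findings.add("NO_CONFIDENTIALITY")
    elif enc_bits < max(ENC_BITS.values()):
        findings.add("WEAKER_CIPHER_THAN_AVAILABLE")
    if auth_bits == 0:
        findings.add("NO_INTEGRITY")
    elif auth_bits < max(AUTH_BITS.values()):
        findings.add("WEAKER_MAC_THAN_AVAILABLE")
    if enc_bits == 0 and auth_bits == 0:
        findings.add("UNPROTECTED_TUNNEL")
    return sorted(findings)


def rekey_trigger(rate_kb_per_s, expire_kb=8192, expire_hours=24):
    """Return (limit_name, seconds) for the limit hit first at a steady rate.

    Assumption: the key expires at whichever limit is reached first.
    """
    time_limit_s = expire_hours * 3600
    if rate_kb_per_s <= 0:
        return ("time", time_limit_s)
    traffic_limit_s = expire_kb / rate_kb_per_s
    if traffic_limit_s < time_limit_s:
        return ("traffic", traffic_limit_s)
    return ("time", time_limit_s)


if __name__ == "__main__":
    # Constructed sample policies, not taken from a real Firebox.
    for policy in [("ESP", "SHA1-HMAC", "3DES-CBC"),
                   ("ESP", "None", "DES-CBC"),
                   ("Authentication Only", "MD5-HMAC", "None")]:
        print(policy, audit_tunnel(*policy))
    print(rekey_trigger(128))
```
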

Editing a tunnel to a device

It is possible to change the properties of a DVCP tunnel without adversely impacting the DVCP client. Properties of a tunnel that you can modify without forcing the client to reboot include:

Identification name

Shared key

Encryption/authentication level

Timeouts

User Guide

WatchGuard Technologies Firebox™ System 4.6