WatchGuard Technologies Firebox™ System 4.6 Configuring a tunnel with manual security

Models: Firebox™ System 4.6


Branch office VPN with IPSec

Removing a gateway

From the Configure Gateways dialog box:

1 Click the gateway.

2 Click Remove.

Configuring a tunnel with manual security

A tunnel encapsulates packets between two gateways. It specifies encryption type and/or authentication method. A tunnel also specifies endpoints. The following describes how to configure a tunnel using a gateway with the manual key negotiation type. From the IPSec configuration dialog box:

1 Click Tunnels.

2 To add a new tunnel, click Add.

3 Click a gateway with manual key negotiation type to associate with this tunnel. Click OK.

4 Type a tunnel name.

Policy Manager uses the tunnel name as an identifier.

5 Click the Manual Security tab.

6 Click Settings.

7 Click either the ESP or AH security method option. Configure the chosen security method.

For more information, see “Using Encapsulated Security Protocol (ESP)” on page 126 and “Using Authenticated Headers (AH)” on page 127.

8 To use the same settings for both incoming and outgoing traffic, enable the Use Incoming Settings for Outgoing checkbox.

If you enable this checkbox, you are done with the Security Association Setup dialog box and can proceed to the next step. If you clear this checkbox, click the Outgoing tab and configure the security associations for outgoing traffic. The fields have the same rules and parameter ranges as the Incoming tab.

9 Click OK.

The Configure Tunnels dialog box appears displaying the newly created tunnel. Repeat the tunnel creation procedure until you have created all tunnels for this particular gateway.

10 After you add all tunnels for this gateway, click OK.

The Configure Gateways dialog box appears.

11 To configure more tunnels for another gateway, click Tunnels. Select a new gateway and repeat the tunnel creation procedure for that gateway.

12 When all the tunnels are created, click OK.

Using Encapsulated Security Protocol (ESP)

1 Type or use the SPI scroll control to identify the Security Parameter Index (SPI).

You must select a number between 257 and 1023.

2 Use the Encryption drop list to select an encryption method.

Options include: None (no encryption), DES-CBC (56-bit), and 3DES-CBC (168-bit).

3 Click Key.

4 Type a passphrase. Click OK.

The passphrase appears in the Encryption Key field. You cannot enter a key here directly.
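With manual keys nothing is negotiated, so the values typed on each Firebox have to be checked by hand. The following is an added example, not part of the WatchGuard manual or product: a Python check of the ESP settings recorded for both ends of a tunnel before they are entered. The `ManualSA` field names and sample values are hypothetical, and the rule that one end's outgoing settings must equal the other end's incoming settings is general IPSec manual-keying behavior assumed here, not stated on this page.

```python
from dataclasses import dataclass

SPI_MIN, SPI_MAX = 257, 1023  # SPI range given in the ESP steps above
# Encryption options listed in the ESP steps, with their key sizes in bits.
ENCRYPTION = {"None": 0, "DES-CBC": 56, "3DES-CBC": 168}

@dataclass(frozen=True)
class ManualSA:
    """One direction of a manual ESP tunnel (hypothetical field names)."""
    spi: int
    encryption: str
    passphrase: str

def check_sa(label, sa):
    """Return a list of findings for a single security association."""
    findings = []
    if not SPI_MIN <= sa.spi <= SPI_MAX:
        findings.append(f"{label}: SPI {sa.spi} outside {SPI_MIN}-{SPI_MAX}")
    if sa.encryption not in ENCRYPTION:
        findings.append(f"{label}: unknown encryption {sa.encryption!r}")
    elif sa.encryption == "None":
        findings.append(f"{label}: ESP without encryption, payload is sent in clear")
    elif ENCRYPTION[sa.encryption] < 168:
        findings.append(f"{label}: {sa.encryption} is a 56-bit cipher, prefer 3DES-CBC")
    return findings

def check_tunnel(local_in, local_out, peer_in, peer_out):
    """Check both ends: each outgoing SA must equal the other end's incoming SA."""
    findings = []
    for label, sa in (("local incoming", local_in), ("local outgoing", local_out),
                      ("peer incoming", peer_in), ("peer outgoing", peer_out)):
        findings += check_sa(label, sa)
    if local_out != peer_in:
        findings.append("local outgoing does not match peer incoming")
    if peer_out != local_in:
        findings.append("peer outgoing does not match local incoming")
    return findings

if __name__ == "__main__":
    # Constructed sample values, not taken from the manual.
    good = ManualSA(300, "3DES-CBC", "constructed example passphrase")
    weak = ManualSA(200, "DES-CBC", "constructed example passphrase")
    print(check_tunnel(good, good, good, good))  # same settings in both directions
    for finding in check_tunnel(good, weak, good, weak):
        print(finding)
```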
