Chapter 8: VPN—Virtual Private Networking
84 WatchGuard Firebox SOHO 6.1
What You Need• One WatchGuard SOHO 6 with VPN and an IPSec-
compliant appliance.
NOTE
While you can create a SOHO 6 to SOHO 6 VPN, you can also create a
VPN with a WatchGuard Firebox II/III, Firebox Vclass, or other IPSec-
compliant appliances.
• The following information from your Internet service
provider for both appliances:
- Static IP address
- Primary DNS (Domain Name Service) IP address
(optional)
- If available, a secondary DNS address
- Domain name (optional)
• Network addresses and subnet mask for networks. By
default, the Trusted network address of the SOHO6 is
192.168.111.0 and the subnet mask is 255.255.255.0.
NOTE
The internal networks on either end of the VPN tunnel must use different
network addresses.
To create an IPSec tunnel between appliances you must add
information to the configuration files of each that is specific to the
site, such as external and trusted IP addresses. It is imperative to
keep these addresses accurate. WatchGuard recommends making
a table of IP addresses such as the one outlined below.