User's Manual
Table Of Contents
- WatchGuard® Firebox® X Edge User Guide
- Certifications and Notices
- Declaration of Conformity
- Notice to Users
- WatchGuard Firebox Software
- End-User License Agreement
- Copyright, Trademark, and Patent Information
- Limited Hardware Warranty
- Abbreviations Used in this Guide
- CHAPTER 1 Introduction to Network Security
- CHAPTER 2 Installing the Firebox® X Edge
- CHAPTER 3 Configuration and Management Basics
- CHAPTER 4 Changing Your Network Settings
- Using the Network Setup Wizard
- Configuring the External Network
- Configuring the Trusted Network
- Configuring the Optional Network
- Enabling the optional network
- Changing the IP address of the optional network
- Using DHCP on the optional network
- Setting optional network DHCP address reservations
- Configuring the optional network for DHCP relay
- Using static IP addresses for optional computers
- Adding computers to the optional network
- Requiring encrypted connections
- Making Static Routes
- Viewing Network Statistics
- Registering with the Dynamic DNS Service
- Enabling the WAN Failover Option
- Enabling External Modem Failover
- CHAPTER 5 Setting up the Firebox X Edge Wireless
- CHAPTER 6 Configuring Firewall Settings
- CHAPTER 7 Configuring Logging
- CHAPTER 8 Configuring WebBlocker
- CHAPTER 9 Configuring Virtual Private Networks
- CHAPTER 10 Configuring the MUVPN Client
- CHAPTER 11 Managing the Firebox® X Edge
- Viewing Current Sessions and Users
- About User Authentication
- Adding or Editing a User Account
- About Seat Licenses
- Selecting HTTP or HTTPS for Firebox Management
- Changing the HTTP Server Port
- Setting up VPN Manager Access
- Updating the Firmware
- Activating Upgrade Options
- Enabling the Model Upgrade Option
- Configuring Additional Options
- Viewing the Configuration File
- APPENDIX A Firebox®X Edge Hardware
- Index
What You Need to Create a VPN
User Guide 109
VPN requirements
Before you configure your WatchGuard Firebox X Edge VPN net-
work:
• You can connect a maximum of 10 Firebox X Edge devices
together in a star configuration. To configure more VPN
tunnels, a WatchGuard Firebox III or Firebox X and WatchGuard
VPN Manager is necessary.
• WatchGuard recommends that each VPN device has a static IP
address. Configuring a VPN tunnel between devices that use
dynamic IP addresses can cause problems. See “Network
addressing” on page 5 for more information about dynamic IP
addresses. Dynamic IP address problems can be resolved with
Dynamic DNS. For Dynamic DNS configuration information,
see “Registering with the Dynamic DNS Service” on page 62.
• VPN devices must use the same encryption method, DES or
3DES.
• If you connect two Microsoft Windows NT networks, they must
be in the same Microsoft Windows domain, or they must be
trusted domains. This is a Microsoft Networking issue, and not a
limitation of the Firebox X Edge.
We recommend that you record your Firebox X Edge configuration.
Use the Sample VPN Address Information table on the next page to
write down this information.