User's Manual
Table Of Contents
- WatchGuard® Firebox® X Edge User Guide
- Certifications and Notices
- Declaration of Conformity
- Notice to Users
- WatchGuard Firebox Software
- End-User License Agreement
- Copyright, Trademark, and Patent Information
- Limited Hardware Warranty
- Abbreviations Used in this Guide
- CHAPTER 1 Introduction to Network Security
- CHAPTER 2 Installing the Firebox® X Edge
- CHAPTER 3 Configuration and Management Basics
- CHAPTER 4 Changing Your Network Settings
- Using the Network Setup Wizard
- Configuring the External Network
- Configuring the Trusted Network
- Configuring the Optional Network
- Enabling the optional network
- Changing the IP address of the optional network
- Using DHCP on the optional network
- Setting optional network DHCP address reservations
- Configuring the optional network for DHCP relay
- Using static IP addresses for optional computers
- Adding computers to the optional network
- Requiring encrypted connections
- Making Static Routes
- Viewing Network Statistics
- Registering with the Dynamic DNS Service
- Enabling the WAN Failover Option
- Enabling External Modem Failover
- CHAPTER 5 Setting up the Firebox X Edge Wireless
- CHAPTER 6 Configuring Firewall Settings
- CHAPTER 7 Configuring Logging
- CHAPTER 8 Configuring WebBlocker
- CHAPTER 9 Configuring Virtual Private Networks
- CHAPTER 10 Configuring the MUVPN Client
- CHAPTER 11 Managing the Firebox® X Edge
- Viewing Current Sessions and Users
- About User Authentication
- Adding or Editing a User Account
- About Seat Licenses
- Selecting HTTP or HTTPS for Firebox Management
- Changing the HTTP Server Port
- Setting up VPN Manager Access
- Updating the Firmware
- Activating Upgrade Options
- Enabling the Model Upgrade Option
- Configuring Additional Options
- Viewing the Configuration File
- APPENDIX A Firebox®X Edge Hardware
- Index
Using a DVCP server to create your VPN tunnels
User Guide 111
Using a DVCP server to create your VPN tunnels
Dynamic VPN Configuration Protocol (DVCP) is the WatchGuard
protocol that creates IPSec tunnels. The VPN tunnel configurations
are saved on the DVCP server. This decreases the work for the
administrator.
You can only use a Firebox III or Firebox X model as a DVCP server.
You can easily create tunnels on the Firebox X Edge by configuring
it as a DVCP client.
There are two kinds of DVCP servers:
• Basic DVCP - All Firebox III and Firebox X models
• VPN Manager - Firebox III 1000 or above, Firebox X700 or
above
For more information, see the FAQ:
https://www.watchguard.com/support/advancedFAQs/
basicdvcp_whatis.asp
Setting up management for a dynamic Edge device
Use this procedure for a Firebox X Edge device with a dynamic IP
address for the external interface.
1 Type the IP address of the trusted network in your browser
window to connect to the System Status page of the Firebox X
Edge.
The default IP address is: https://192.168.111.1.
Item Description Assigned
By
Encryption
Method
DES uses 56-bit encryption. 3DES uses 168-bit
encryption. The 3DES encryption method is more
secure, but slower. The two devices must use
the same encryption method.
You
Site A: 3DES
Site B: 3DES
Authentication The two devices must use the same
authentication method.
You
Site A: MD5 (or SHA1)
Site B: MD5 (or SHA1)