User guide
Branch Office Virtual Private Networks
248 Firebox X Edge e-Series
Sample VPN address information table
Item Description Assigned by
External IP Address The IP address that identifies the IPSec-compatible device on the
Internet. ISP Example:
Site A: 207.168.55.2
Site B: 68.130.44.15
ISP
Local Network
Address
An address used to identify a local network. These are the IP
addresses of the computers on each side that are allowed to send
traffic through the VPN tunnel. We recommend that you use an
address from one of the reserved ranges:
10.0.0.0/8—255.0.0.0
172.16.0.0/12—255.240.0.0
192.168.0.0/16—255.255.0.0
The numbers after the slashes indicate the subnet masks. /24
means that the subnet mask for the trusted network is
255.255.255.0. For more information on entering IP addresses in
slash notation, see this FAQ:
https://www.watchguard.com/support/advancedfaqs/
general_slash.asp You Example:
Site A: 192.168.111.0/24
Site B: 192.168.222.0/24
You
Shared Key The shared key is a passphrase used by two IPSec-compatible
devices to encrypt and decrypt the data that goes through the
VPN tunnel. The two devices use the same passphrase. If the
devices do not have the same passphrase, they cannot encrypt
and decrypt the data correctly.
Use a passphrase that contains numbers, symbols, lowercase
letters, and uppercase letters for better security. For example,
Gu4c4mo!3 is better than guacamole.
Example:
Site A: OurSharedSecret
Site B: OurSharedSecret
You
Encryption Method DES uses 56-bit encryption. 3DES uses 168-bit encryption. AES
encryption is available at the 128-bit, 192-bit, and 256-bit levels.
AES-256 bit is the most secure encryption. The two devices must
use the same encryption method.
Example:
Site A: 3DES; Site B: 3DES
You
Authentication The two devices must use the same authentication method.
Example:
Site A: MD5 (or SHA1)
Site B: MD5 (or SHA1)
You