User guide
Configuring Virtual Private Networks
2 From the navigation bar, select VPN > Manual VPN.
The Manual VPN page appears.
3 Click Add.
The Add Gateway page appears.
4 Type the tunnel name and shared key.
The tunnel name is for your identification only.
The shared key is a passphrase that the devices use to encrypt and decrypt the data on the VPN tunnel. The two
devices must use the same passphrase, or they cannot encrypt and decrypt the data correctly.
Phase 1 settings
Internet Key Exchange (IKE) is a protocol used with VPN tunnels to manage keys automatically. IKE
negotiates and changes keys. Phase 1 authenticates the two sides and creates a key management
security association to protect tunnel data.
The default settings for Phase 1 are the same for all Firebox X Edge devices. Many users keep the factory
default settings.
Note
Make sure that the Phase 1 configuration is the same on the two devices.
To change Phase 1 configuration:
1 Select the negotiation mode from the drop-down list.
Note
You can use Main Mode only when the two devices have static IP addresses. If one or both of the devices
have external IP addresses that are dynamically assigned, you must use Aggressive Mode.
2 Enter the local ID and remote ID. Select the ID types—IP Address or Domain Name—from the
drop-down lists. Make sure this configuration is the same as the configuration on the remote
device.
Note that on the other device, the local ID type and remote ID type are reversed.
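The matching rules above (same shared key, same negotiation mode, Main Mode only with static addresses, and mirrored local and remote IDs) can be checked before a tunnel is brought up. The following is an added example, not part of the original guide or the device software; the GatewayConfig field names and the sample values are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass

@dataclass
class GatewayConfig:
    """One endpoint's Manual VPN settings (field names are illustrative)."""
    shared_key: str
    mode: str                 # "main" or "aggressive"
    local_id: tuple           # (id_type, value); id_type is "ip" or "domain"
    remote_id: tuple
    static_external_ip: bool  # False if the external address is dynamic

def check_pair(a: GatewayConfig, b: GatewayConfig) -> list:
    """Return the Phase 1 mismatches between two endpoints (empty list = OK)."""
    problems = []
    # Same passphrase on both devices; compare without printing the key.
    if not hmac.compare_digest(a.shared_key.encode(), b.shared_key.encode()):
        problems.append("shared key differs")
    if a.mode != b.mode:
        problems.append("negotiation mode differs")
    # Main Mode needs static external addresses on both devices.
    if "main" in (a.mode, b.mode) and not (a.static_external_ip and b.static_external_ip):
        problems.append("Main Mode selected but an external IP is dynamic")
    # IDs are mirrored: A's local ID (type and value) is B's remote ID.
    if a.local_id != b.remote_id:
        problems.append("A local ID != B remote ID")
    if a.remote_id != b.local_id:
        problems.append("A remote ID != B local ID")
    return problems

if __name__ == "__main__":
    # Constructed sample values (documentation address and example domain).
    hq = GatewayConfig("constructed-passphrase", "main",
                       ("ip", "203.0.113.10"), ("domain", "branch.example.com"), True)
    # The branch has a dynamic address and the wrong ID type for its local ID.
    branch = GatewayConfig("constructed-passphrase", "main",
                           ("ip", "branch.example.com"), ("ip", "203.0.113.10"), False)
    for problem in check_pair(hq, branch):
        print("MISMATCH:", problem)
```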