Static PPPoE VPN

I have a WatchGuard Edgex15w connected to an ISP which only issues the one public IP address, therefore I have had to configure the Edge's External interface with a PPPoE Static IP.

I am having difficulty creating a BOVPN to our main site (WSM 8.0, X-Core1000).

I have tried using the Domain and the ISP provided IP as the gateway with no luck.

Any ideas would be greatly appreciated.

fabes

If you are setting up a manual BOVPN tunnel between two devices with FIXED IP, then you need to do something like this:

Open the configuration manager, select Network/Manual BOVPN, then create a GATEWAY - this is the remote connection you want to connect to, give it a name, select REMOTE ID TYPE = IP Address, enter the firewall's external (remote firewall) IP address, then create a shared key, then select LOCAL ID TYPE = IP Address, SHA1, 3DES, DH Group 1, Enable Aggressive Mode = Yes

Now you need a Tunnel, give it a name, then Phase 2 settings, ESP, SHA1, 3DES, default Key Exp....

Now you need a routing policy, if you want the entire network on each end to see the other, you need to select LOCAL/REMOTE to "Network" and then set the LOCAL (your local side) to the IP RANGE of your local network (such as 192.168.10.0/24) and then remote network IP RANGE as something like (192.168.16.0/24) - the two networks can not have the same IP Range and CAN NOT be in the same subnet. Now select "Secure" and then pick the Tunnel name you created above.

Save to firebox.

Do this same thing on the other firebox - you need to reverse the IP addresses above.

Now, after you do this, you need to create a RULE that will allow the two networks to share, as the tunnel is just a tunnel, it only talks tunnel to tunnel, not passing anything except to the firewalls. The rule lets you determine what can pass from one network to the other. You could do an ANY rule where you allow 192.168.10.0/24 to 192.168.16.0/24 and the reverse.....

Post back if you need more help.

Leythos
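
An added example, not part of the reply above and not WatchGuard tooling: a Python pre-check that the two manually entered BOVPN configurations mirror each other the way the reply describes (reversed gateway IDs and networks, identical key and proposals, non-overlapping LANs). The dictionary field names and the public addresses (RFC 5737 documentation ranges) are assumptions; the LAN ranges are the ones used in the reply.

```python
import ipaddress

# Constructed sample settings for the two ends. Field names are hypothetical;
# public IPs are RFC 5737 documentation addresses, LANs are from the reply.
SITE_A = {
    "local_id": "203.0.113.10", "remote_id": "198.51.100.20",
    "psk": "example-shared-key",
    "phase1": ("SHA1", "3DES", "DH1", "aggressive"),
    "phase2": ("ESP", "SHA1", "3DES"),
    "local_net": "192.168.10.0/24", "remote_net": "192.168.16.0/24",
}
SITE_B = {
    "local_id": "198.51.100.20", "remote_id": "203.0.113.10",
    "psk": "example-shared-key",
    "phase1": ("SHA1", "3DES", "DH1", "aggressive"),
    "phase2": ("ESP", "SHA1", "3DES"),
    "local_net": "192.168.16.0/24", "remote_net": "192.168.10.0/24",
}

def check_bovpn_pair(a, b):
    """Return a list of problems that would stop the tunnel from forming."""
    problems = []
    # Each side's remote gateway ID must be the other side's local ID.
    if a["remote_id"] != b["local_id"] or b["remote_id"] != a["local_id"]:
        problems.append("gateway IDs are not mirrored")
    # Shared key and both proposals must be identical on both ends.
    for field in ("psk", "phase1", "phase2"):
        if a[field] != b[field]:
            problems.append(f"{field} differs between sites")
    # Routing policy: local/remote networks must be reversed on the far end.
    nets = {}
    for name, cfg in (("a", a), ("b", b)):
        for key in ("local_net", "remote_net"):
            nets[name, key] = ipaddress.ip_network(cfg[key])
    if nets["a", "local_net"] != nets["b", "remote_net"] or \
       nets["a", "remote_net"] != nets["b", "local_net"]:
        problems.append("routing policy networks are not mirrored")
    # The two LANs must not share or overlap an address range.
    if nets["a", "local_net"].overlaps(nets["b", "local_net"]):
        problems.append("local networks overlap")
    return problems

if __name__ == "__main__":
    for line in check_bovpn_pair(SITE_A, SITE_B) or ["configs mirror each other"]:
        print(line)
```
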
