Editing a tunnel to a device – WatchGuard Technologies Firebox™ System 4.6 User Manual


Using DVCP to connect to devices

Note also that if you configure a SOHO for both Basic and Enhanced DVCP, the
gateway names must be different.

From Policy Manager:

1 Select Network => Branch Office VPN => Basic DVCP.

The DVCP Configuration dialog box appears.

2 Click Add.

3 Enter a distinctive name for the DVCP client. Enter the shared key. Click Next.

The client name appears in the DVCP Configuration dialog box as well as the Control Center Firebox and Tunnel Status display.

4 Enter the address range which the DVCP client will be able to access.

5 Select a client type:

Telecommuter IP Address

The SOHO is assigned a single IP address. This is the device’s virtual IP
address on the Trusted network of the Firebox to which the device will be
allowed access.

SOHO Private Network

The SOHO is assigned an entire network.

6 Click Next.

7 Use the Type drop list to select an encryption type.

Options include: ESP (Encapsulated Security Payload) or Authentication Only.

8 Use the Authentication drop list to select an authentication method.

Options include: None (no authentication), MD5-HMAC (128-bit algorithm), and SHA1-HMAC (160-bit algorithm).

9 Use the Encryption drop list to select an encryption method.

Options include: None (no encryption), DES-CBC (56-bit encryption), and 3DES-CBC (168-bit encryption).

10 Enter values to set the interval to force key expiration. Enter traffic in kilobytes and/or time in hours.

The default values are 8192 kilobytes or 24 hours.

11 Click Next. Click Finish.

The new policy appears in the DVCP Configuration dialog box. The WatchGuard device can now be connected, powered on, and configured. As part of the configuration process, it will automatically download the appropriate tunnel information. You must provide the DVCP client administrator with the Client Name, shared key, and the server external interface IP address.

Editing a tunnel to a device

It is possible to change the properties of a DVCP tunnel without adversely impacting
the DVCP client. Properties of a tunnel that you can modify without forcing the client
to reboot include:

• Identification name

• Shared key

• Encryption/authentication level

• Timeouts
