WatchGuard Technologies WatchGuard Firebox SOHO 6 User Manual

User Guide

91

Set Up Multiple SOHO-SOHO VPN Tunnels

steps. Make sure that the Phase 1 settings on this device are the
same as on the peer device.

6

Select the type of negotiation for Phase 1. The two Mode Types
are Main and Aggressive. If your external IP address is
dynamic, you must use Aggressive Mode, otherwise you may
use either option.

7

Enter the local and remote ID types. These must match the
settings used on the remote gateway.

- If you are using Main Mode, the Local and Remote ID

Type must be an IP Address.

- If you are using Aggressive Mode, the Remote ID Type

may be either IP Address or Domain Name. If your
external IP address is fixed, the Local ID Type must be IP
address, otherwise your Local ID Type may be either
Domain Name or IP Address.

8

In the Local ID and Remote ID box, specify the name of the
local or remote network. The default is LocalID and RemoteID.
In the Type box, specify IP Address or Domain Name.

If you are in Main Mode, both the Local and Remote IDs must be IP

Address. If you are in Aggressive Mode and have a static IP address, the

Local ID must be IP Address and the Remote ID can be either IP Address

or Domain Name. If you are in Aggressive Mode and have a dynamic IP

address, the Local ID must be Domain Name and the Remote ID can be

either IP Address or Domain Name.

9

In the Authentication Algorithm drop list, specify the
authentication: MD5-HMAC (128-bit authentication) or SHA1-
HMCA (160-bit authentication).

10 In the Encryption Algorithm drop list, specify the type of

encryption: DES-CBC or 3DES-CBC.

11 Enter how many kilobytes until negotiation expiration.

12 Enter how many hours until negotiation expiration.