Manual VPN: Setting Up Manual VPN Tunnels
User Guide
185
To change the Phase 2 settings:
1
Select the authentication method from the
Authentication
Algorithm
drop-down list.
2
Select the encryption algorithm from the
Encryption Algorithm
drop-down list.
3
To use Perfect Forward Secrecy, select the
Enable Perfect
Forward Secrecy
check box.
This option makes sure that each new key comes from a new Diffie-
Hellman exchange. This option makes the negotiation more secure, but
uses more time and computer resources.
4
Type the number of kilobytes and the number of hours until the
Phase 2 key expires.
To make the key not expire, enter zero (0). For example, 24 hours and
zero (0) kilobytes means that the Phase 2 key is renegotiated each 24
hours no matter how much data ha
s pa
ssed.
5
Type
the IP address of the local network and the remote
networks that will send encrypted traffic across the VPN.
You must enter network addresses in “slash” notation (also known as
CIDR or Classless Inter Domain Routing notation). For more information
on how to enter IP addresses in slash notation, see this FAQ:
http://www.watchguard.com/support/advancedfaqs/general_slash.asp.
6
Click
Add
.
Repeat step 5 if you must add additional networks.
Summary of Contents for Firebox X15
Page 14: ...xiv WatchGuard Firebox X Edge...
Page 42: ...Installing the Firebox X Edge 28 WatchGuard Firebox X Edge...
Page 72: ...Configuration and Management Basics 58 WatchGuard Firebox X Edge...
Page 146: ...Configuring Logging and System Time 132 WatchGuard Firebox X Edge...
Page 168: ...Managing Users and Groups 154 WatchGuard Firebox X Edge...
Page 204: ...Configuring Virtual Private Networks 190 WatchGuard Firebox X Edge...
Page 242: ...228 WatchGuard Firebox X Edge...
Page 249: ...Certifications and Notices User Guide 235 Taiwanese Notices...
Page 250: ...236 WatchGuard Firebox X Edge Declaration of Conformity...