Connecting two offices using Watchguard Firewalls.

Hello All,

We are planning on connecting a new smaller office to our main office using Watchguard firewalls. We currently have a Firebox x700 at our main and we plan to purchase a Firebox X20e-W for the new location. How would I need to go about the configuration so that the two offices are connected and would I need any additional software that I am unaware of.

Who is Participating?
You can create a site-to-site VPN tunnel between the two offices, called BOVPN in WG terms. You would need static IP at the end where you have x700; at X20e-W you can have static or dynamic IP.
If you have static IPs at both ends then you can create a Manual VPN tunnel; if dynamic at X20e-W then also you can create VPN without purchasing any DNS or FQDN by using DVCP on the WG.

If you have VPN Manager [called management server from WSM/WFS version 8.3.1 or higher]; then you get a wizard to configure VPNs for you.

By default X20e-W comes with default 15 BOVPN licenses; X700 comes with default 100 BOVPN licenses.

Please let me know if you need any specific steps in configuring the VPN tunnels.

Thank you.
Could I just add that you do not need VP Manager or DVCP to connect a site with dynamic IP to your main site. I have a couple of sites using dynamic addressing and connecting via manual IPSec VPN just fine.  You just set the remote gateway to use domain name to authenicate and choose a shared 'name', a nice long shared secret and set the remote gateway type to aggressive.  The only downside is that the tunnel must be initiated from the remote end and you need a keepalive to keep the tunnel open.  The Edge has a VPN keepalive option to achieve this.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.