• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 272
  • Last Modified:

Connecting two offices using Watchguard Firewalls.

Hello All,

We are planning on connecting a new smaller office to our main office using Watchguard firewalls. We currently have a Firebox x700 at our main and we plan to purchase a Firebox X20e-W for the new location. How would I need to go about the configuration so that the two offices are connected and would I need any additional software that I am unaware of.

1 Solution
You can create a site-to-site VPN tunnel between the two offices, called BOVPN in WG terms. You would need static IP at the end where you have x700; at X20e-W you can have static or dynamic IP.
If you have static IPs at both ends then you can create a Manual VPN tunnel; if dynamic at X20e-W then also you can create VPN without purchasing any DNS or FQDN by using DVCP on the WG.

If you have VPN Manager [called management server from WSM/WFS version 8.3.1 or higher]; then you get a wizard to configure VPNs for you.

By default X20e-W comes with default 15 BOVPN licenses; X700 comes with default 100 BOVPN licenses.

Please let me know if you need any specific steps in configuring the VPN tunnels.

Thank you.
Could I just add that you do not need VP Manager or DVCP to connect a site with dynamic IP to your main site. I have a couple of sites using dynamic addressing and connecting via manual IPSec VPN just fine.  You just set the remote gateway to use domain name to authenicate and choose a shared 'name', a nice long shared secret and set the remote gateway type to aggressive.  The only downside is that the tunnel must be initiated from the remote end and you need a keepalive to keep the tunnel open.  The Edge has a VPN keepalive option to achieve this.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now