Watchguard XTM - Specify specific IP address from block as source for BOVPN?

e-matters
e-matters used Ask the Experts™
on
Our ISP has given us a block IP addresses, and a gateway on a different subnet. We must use PPPoE to connect. We want to use these addresses on a Watchguard XTM box using Fireware 12.1.1

We have set the PPPoE connection to use the gateway IP address, and added the 5 main IP addresses as secondary ones on the external interface. These can be thought of as follows (not the actual IP addresses):

Gateway : 80.80.79.79
Assigned IP Range 80.80.80.1/29

When trying to configure a BOVPN, we would like our IP address to show as 80.80.80.1 but it always appears as 80.80.79.79.

We've modified the other firewall policies such as HTTPS client to use one of the IP addresses in the block and this works fine, just not the BOVPN one. Can someone direct me to where I should specify the IP address for the BOVPN?

Thanks.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2007
Commented:
You cannot use secondary interface IP address as a BOVPN gateway endpoint, rather you should configure Multi-WAN and configure the different IP address as different external interface.
Now you can specify the new external interface and this would work.

Please read below for more details:
https://www.watchguard.com/help/docs/fireware/12/en-US/Content/en-US/bovpn/manual/define_gateway_endpts_c.html
https://www.watchguard.com/help/docs/fireware/12/en-US/Content/en-US/bovpn/manual/vpn_failover_about_c.html

Thank you!

Author

Commented:
Thanks for the info and links. Didn’t realise this.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial