User guide
Configuring Virtual Private Networks
96 WatchGuard Firebox X Edge
Sample
VPN Address Information Table
Item Description Assigned
By
External IP
Address
The IP address that identifies the IPSec-
compatible device to the Internet.
ISP
Site A: 207.168.55.2
Site B: 68.130.44.15
External
Subnet Mask
The bitmask that shows which part of the IP
address identifies the local network. For
example, a class C address includes 256
addresses and has a netmask of
255.255.255.0.(Only 254 of the IP addresses
in that subnet can be assigned to computers.)
ISP
Site A: 255.255.255.0
Site B: 255.255.255.0
Local Network
Address
An address used to identify a local network. A
local network address cannot be used as an
external IP address. WatchGuard recommends
that you use an address from one of the
reserved ranges:
10.0.0.0/8—255.0.0.0
172.16.0.0/12—255.240.0.0
192.168.0.0/16—255.255.0.0
The numbers after the slashes indicate the
subnet masks. /24 means that the subnet
mask for the trusted network is
255.255.255.0. For more information on
entering IP addresses in slash notation, see the
following FAQ:
https://www.watchguard.com/support/
advancedfaqs/general_slash.asp
You
Site A: 192.168.111.0/24
Site B: 192.168.222.0/24
Shared Secret The shared secret is a passphrase used by two
IPSec-compatible appliances to encrypt and
decrypt the data that goes through the VPN
tunnel. The two appliances use the same
passphrase. If the appliances do not have the
same passphrase, they cannot encrypt and
decrypt the data correctly.
Use a passphrase that contains numbers,
symbols, lowercase letters, and uppercase
letters for better security. For example,
“Gu4c4mo!3” is better than “guacamole”.
You
Site A: OurLittleSecret
Site B: OurLittleSecret