User guide

ManualsBrandsWatchguard ManualsComputer equipmentWireless Router

161

162

163

164

165

166

167

168

169

170

Configuring Virtual Private Networks

150 WatchGuard Firebox X Edge

the devices cannot be made unless the two devices know how to

find each other.

You can use Dynamic DNS. For information, see “Registering with

the Dynamic DNS Service” on page 66.

How do I get a static external IP address?

You get the external IP address for your computer or network from

your ISP or an administrator. Many ISPs use dynamic IP addresses to

make their networks easier to configure and use with many users.

Most ISPs can give you a static IP address as an option.

How do I troubleshoot the connection?

If you can send a ping to the trusted interface of the remote Fire-

box® X Edge and the computers on the remote network, the VPN

tunnel is up. The configuration of the network software or the soft-

ware applications are possible causes of other problems.

Why is ping not working?

If you cannot send a ping the local interface address of the remote

Firebox X Edge, follow these steps:

1 Ping the external address of the remote Firebox X Edge.

For example, at Site A, ping 68.130.44.15 (Site B). If the ping packet does

not come back, make sure the external network settings of Site B are

correct. (Site B must be configured to respond to ping requests on that

interface.) If the settings are correct, make sure that the computers at

Site B have Internet access. If the computers at site B do not have

Internet access, speak to a service person at your ISP.

2 If you can ping the external address of each Firebox X Edge, try

to ping a local address in the remote network.

From Site A, ping 192.168.111.1. If the VPN tunnel is up, the remote

Firebox X Edge sends the ping back. If the ping does not come back,

make sure the local configuration is correct. Make sure that the local

DHCP address ranges for the two networks connected by the VPN tunnel

do not use any of the same IP addresses. The two networks connected by

the tunnel must not use the same IP addresses.

How do I set up more than the number of allowable

VPNs on my Firebox X Edge?

The number of VPN tunnels that you can create on your Firebox X

Edge is set by the Edge model you have. You can purchase a model

upgrade for your Edge to make more VPN tunnels. You can purchase

a Firebox X Edge Model Upgrade from a reseller or from the Watch-

Guard® Web site:

http://www.watchguard.com/sales/buyonline.asp