Watchguard Firebox X5-W Betriebsanweisung Seite 156
- Seite / 234
- Inhaltsverzeichnis
- FEHLERBEHEBUNG
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Configuring Virtual Private Networks
140 Firebox X Edge e-Series
- If your Firebox X Edge or remote VPN device has a static external IP address, set the local ID
type to IP Address. Type the external IP address of the Edge or device as the local ID.
- If your Firebox X Edge or remote VPN device has a dynamic external IP address, you must
select Aggressive Mode and the device must use Dynamic DNS. For more information, see
“Registering with the Dynamic DNS Service” on page 58. Set the local ID type to Domain
Name. Enter the DynDNS domain name of the device as the local ID.
Note
If your Firebox X Edge external interface has a private IP address instead of a public IP address, then your
ISP or the Internet access device connected to the Edge’s external interface (modem or router) does
Network Address Translation (NAT). See the instructions at the end of this section if your Edge’s external
interface has a private IP address.
3 Select the type of authentication from the Authentication Algorithm drop-down list.
The options are MD5-HMAC (128-bit authentication) or SHA1-HMAC (160-bit authentication).
4 From the Encryption Algorithm drop-down list, select the type of encryption.
The options are DES-CBC or 3DES-CBC.
5 Type the number of kilobytes and the number of hours until the IKE negotiation expires.
To make the negotiation never expire, enter zero (0). For example, 24 hours and zero (0) kilobytes means that the
phase 1 key is negotiated every 24 hours no matter how much data has passed.
6 Select the group number from the Diffie-Hellman Group drop-down list. We support group 1 and
group 2.
Diffie-Hellman groups securely negotiate secret keys through a public network. Group 2 is more secure than group 1,
but uses more processing power and more time.
7 Select the Send IKE Keep Alive Messages check box to help find when the tunnel is down.
Select this check box to send short packets across the tunnel at regular intervals. This helps the two devices to see if
the tunnel is up. If the Keep Alive packets get no response after three tries, the Firebox X Edge starts the tunnel
again.
Note
The IKE Keep Alive feature is different from the VPN Keep Alive feature in “VPN Keep Alive,” on page 142.
If your Edge is behind a device that does Network Address Translation (NAT)
The Firebox X Edge e-Series can use NAT Traversal. This means that you can make VPN tunnels if your ISP
does NAT (Network Address Translation) or if the external interface of your Edge is connected to a
device that does NAT. We recommend that the Firebox X Edge external interface have a public IP
address. If that is not possible, use this section for more information.
Devices that do NAT frequently have some basic firewall features built into them. To make a VPN tunnel
to your Firebox X Edge e-Series when the Edge is behind a device that does NAT, the NAT device must let
the traffic through. These ports and protocols must be open on the NAT device:
• UDP port 500 (IKE)
• UDP port 4500 (NAT Traversal)
• IP protocol 50 (ESP)
Speak with the NAT device’s manufacturer for information on opening these ports and protocols on the
NAT device.
If your Firebox X Edge e-Series external interface has a private IP address, you cannot use an IP address
as the local ID type in the Phase 1 settings. Because private IP addresses cannot get through the Inter-
net, the other device cannot find the private external IP address of your Edge through the Internet.
• If the NAT device to which the Firebox X Edge is connected has a dynamic public IP address:
- WatchGuard 1
- Notice to Users 2
- WatchGuard Firebox Software 2
- End-User License Agreement 2
- User Guide iii 3
- Firmware Version: 8.0 5
- Part Number: 1776-0000 5
- Guide Version: 8.0 5
- Contents 7
- User Guide ix 9
- User Guide xi 11
- User Guide xiii 13
- User Guide xv 15
- Network Security 17
- About Networks 17
- Connecting to the Internet 18
- Protocols 18
- IP Addresses 19
- Domain Name Service (DNS) 20
- Services 20
- User Guide 5 21
- Firewalls 22
- User Guide 7 23
- 8 Firebox X Edge e-Series 24
- Installation Requirements 25
- About network addressing 26
- TCP/IP properties 27
- PPPoE settings 28
- PPPoE Setting Value 29
- Connecting the Firebox X Edge 31
- About session licenses 32
- Using the Quick Setup Wizard 34
- User Guide 19 35
- User Guide 21 37
- 1 Start your web browser 38
- Using the navigation bar 39
- Configuration Overview 40
- Network page 41
- Firebox Users page 42
- Administration page 42
- Firewall page 43
- Logging page 44
- WebBlocker page 45
- VPN page 45
- Wizards page 46
- WAN Failover Setup Wizard 47
- 32 Firebox X Edge e-Series 48
- Configuration and Management 49
- Restarting the Firebox 50
- Setting the System Time 51
- Changing the HTTP Server Port 53
- Activating Upgrade Options 58
- Upgrade options 59
- 44 Firebox X Edge e-Series 60
- User Guide 45 61
- If your ISP uses DHCP 62
- User Guide 47 63
- If your ISP uses PPPoE 64
- User Guide 49 65
- 50 Firebox X Edge e-Series 66
- User Guide 53 69
- Enabling the optional network 70
- Making Static Routes 73
- 6 Click Submit 74
- 7 Click Submit 76
- Using the Network page 77
- 62 Firebox X Edge e-Series 78
- Configuring BIDS 79
- 64 Firebox X Edge e-Series 80
- User Guide 65 81
- 66 Firebox X Edge e-Series 82
- None (disable wireless) 83
- Bridge to Trusted 83
- Bridge to Optional 83
- Setting the SSID 84
- Controlling SSID broadcasts 84
- Logging authentication events 84
- Setting the wireless mode 85
- Configuring encryption 86
- 5 Click Add 88
- Enabling guest services 89
- Setting password protection 89
- User Guide 75 91
- 76 Firebox X Edge e-Series 92
- Configuring Incoming Services 94
- 80 Firebox X Edge e-Series 96
- Configuring Outgoing Services 99
- Configuring Firewall Settings 100
- 84 Firebox X Edge e-Series 100
- User Guide 85 101
- 8 Click Add 102
- User Guide 87 103
- 88 Firebox X Edge e-Series 104
- Blocking External Sites 105
- Configuring Firewall Options 105
- Responding to ping requests 106
- Log denied spoofed traffic 107
- 5 Click Submit 108
- Managing Network Traffic 109
- Traffic Categories 110
- Configuring Traffic Control 110
- Enable traffic control 111
- Add a traffic control filter 112
- Working with Firewall NAT 113
- NAT behavior 114
- Secondary IP addresses 114
- Enable 1-to-1 NAT 115
- Add a 1-to-1 NAT entry 115
- Remove a 1-to-1 NAT entry 117
- 102 Firebox X Edge e-Series 118
- Configuring Logging 119
- Logging to a Syslog Host 121
- 106 Firebox X Edge e-Series 122
- Managing Users and Groups 123
- Active Sessions 124
- Stopping a session 124
- Local User Accounts 125
- About User Licenses 126
- About User Authentication 126
- Authenticating to the Edge 128
- MyCompany\jsmith 129
- Enabling MUVPN for a user 131
- The Administrator account 131
- 116 Firebox X Edge e-Series 132
- Adding a group 134
- User Guide 119 135
- LDAP Authentication and MUVPN 136
- Configuring WebBlocker 137
- Creating WebBlocker Profiles 139
- WebBlocker Categories 140
- User Guide 125 141
- 126 Firebox X Edge e-Series 142
- User Guide 127 143
- 128 Firebox X Edge e-Series 144
- User Guide 129 145
- 130 Firebox X Edge e-Series 146
- Blocking Additional Web Sites 148
- Bypassing WebBlocker 149
- 3 Click Add 150
- 4 Click Submit 150
- Configuring Virtual Private 151
- Networks 151
- Managed VPN 152
- What you need for Manual VPN 153
- Item Description Assigned 154
- Phase 1 settings 155
- Phase 2 settings 157
- VPN Keep Alive 158
- Viewing VPN Statistics 159
- Frequently Asked Questions 159
- 144 Firebox X Edge e-Series 160
- Configuring the MUVPN Client 161
- Disabled 162
- Preferred 162
- Get the user’s .wgx file 164
- WINS and DNS servers 165
- Windows NT setup 166
- Windows 2000 setup 167
- Windows XP setup 168
- Installing the MUVPN client 170
- Uninstalling the MUVPN client 171
- Connecting the MUVPN client 172
- The MUVPN client icon 172
- Using Log Viewer 174
- Using Connection Monitor 174
- User Guide 159 175
- Shutting down ZoneAlarm 176
- Uninstalling ZoneAlarm 176
- User Guide 161 177
- 162 Firebox X Edge e-Series 178
- “User Name.” 178
- Troubleshooting Tips 179
- 164 Firebox X Edge e-Series 180
- Package Contents 181
- Specifications 182
- Hardware Description 183
- Rear view 184
- Side panels 184
- AC Power Adapter 185
- Antenna directional gain 186
- Signal attenuation 186
- Channel data rate 186
- Legal Notifications 187
- 172 Firebox X Edge e-Series 188
- OpenLDAP 189
- 174 Firebox X Edge e-Series 190
- User Guide 175 191
- 176 Firebox X Edge e-Series 192
- User Guide 177 193
- 178 Firebox X Edge e-Series 194
- User Guide 179 195
- 180 Firebox X Edge e-Series 196
- User Guide 181 197
- 182 Firebox X Edge e-Series 198
- User Guide 183 199
- OpenNTPD 200
- GNU Public License (GPL) 201
- 186 Firebox X Edge e-Series 202
- User Guide 187 203
- 188 Firebox X Edge e-Series 204
- User Guide 189 205
- 190 Firebox X Edge e-Series 206
- Traceroute 207
- 192 Firebox X Edge e-Series 208
- User Guide 193 209
- 194 Firebox X Edge e-Series 210
- User Guide 195 211
- 196 Firebox X Edge e-Series 212
- Certifications and Notices 213
- 198 Firebox X Edge e-Series 214
- CE Notice 215
- Industry Canada 215
- CANADA RSS-210 215
- Class A Korean Notice 216
- VCCI Notice Class A ITE 216
- Taiwanese Class A Notice 216
- Taiwanese Wireless Notice 216
- Declaration of Conformity 217
- Limited Hardware Warranty 217
- 202 Firebox X Edge e-Series 218
- User Guide 203 219
- 204 Firebox X Edge e-Series 220
- Numerics 221
Verwandte Produkte und Handbücher für Vernetzung Watchguard Firebox X5-W
Vernetzung Watchguard V10.0 Betriebsanweisung
(38 Seiten)
(38 Seiten)
Vernetzung Watchguard V10.0 Betriebsanweisung
(25 Seiten)
(25 Seiten)
Vernetzung Watchguard V10 Betriebsanweisung
(14 Seiten)
(14 Seiten)
Vernetzung Watchguard V10.0 Betriebsanweisung
(322 Seiten)
(322 Seiten)
Vernetzung Watchguard V10.0 Spezifikationen
(23 Seiten)
(23 Seiten)
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.194 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern