Scribd Logo
Upload

Welcome to Scribd!

  • 153 views

    27 How To - Establish VPN Tunnel Between Cyberoam and WatchGuard Using Preshared Key

    Uploaded by

    PT. Equityworld Futures Surabaya Kota Sby Andrie Itsby
    The document provides steps to configure an IPSec VPN tunnel between a Cyberoam and WatchGuard firewall using preshared keys. It details the configuration settings needed on both devices, including connection names, IP addresses, encryption settings, and activating the connection.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    27 How To - Establish VPN Tunnel Between Cyberoam and WatchGuard Using Preshared Key

    Uploaded by

    PT. Equityworld Futures Surabaya Kota Sby Andrie Itsby
    153 views3 pages
    The document provides steps to configure an IPSec VPN tunnel between a Cyberoam and WatchGuard firewall using preshared keys. It details the configuration settings needed on both devices, including connection names, IP addresses, encryption settings, and activating the connection.

    Original Description:

    Establish_VPN_tunnel_between_Cyberoam_and_WatchGuard_using_Preshared_key

    Original Title

    27 How to - Establish VPN Tunnel Between Cyberoam and WatchGuard Using Preshared Key

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document provides steps to configure an IPSec VPN tunnel between a Cyberoam and WatchGuard firewall using preshared keys. It details the configuration settings needed on both devices, including connection names, IP addresses, encryption settings, and activating the connection.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    153 views3 pages

    27 How To - Establish VPN Tunnel Between Cyberoam and WatchGuard Using Preshared Key

    Uploaded by

    PT. Equityworld Futures Surabaya Kota Sby Andrie Itsby
    The document provides steps to configure an IPSec VPN tunnel between a Cyberoam and WatchGuard firewall using preshared keys. It details the configuration settings needed on both devices, including connection names, IP addresses, encryption settings, and activating the connection.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 3

    How To Establish VPN Tunnel

    between
    and Firebox
    (WatchGuard)
    Preshared key
    How
    To Cyberoam
    Establish
    VPN
    Tunnel using
    between

    Cyberoam and Firebox (WatchGuard) using


    Preshared key

    Applicable to Version: 9.4.0 build 2 onwards


    This article describes a detailed configuration example that demonstrates how to configure net-tonet IPSec VPN tunnel between a Cyberoam and WatchGuard using Preshared key to authenticate
    VPN peers.
    It is assumed that the reader has a working knowledge of Cyberoam and WatchGuard appliance
    configuration.
    Information to be gathered about the both the peers before configuration
    1. Connection details - Encryption algorithm, Authentication Algorithm and DH/PFS Group
    2. Server IP addresses
    3. Internal Network Subnet
    4. Local and Remote ID

    Cyberoam Configuration
    Step 1: Create IPSec connection
    Go to VPN IPSec Connection Create Connection and create connection with the following
    values:
    Connection name: cr_2_wg
    Policy: Default Policy
    Action on restart: As required
    Mode: Tunnel
    Connection Type: Net to Net
    Authentication Type Preshared key
    Preshared key Specify Preshared key. Forward this key to the remote peer (WatchGuard) as
    same preshared key should be used by both the peers.
    Local server IP address (WAN IP address) 192.168.15.204
    Local Internal Network 8.8.8.0/24
    Local ID 1.1.1.2 (Specify this IP address as ID Type in Remote Gateway Settings in
    WatchGuard)
    Remote server IP address (WAN IP address) 192.168.1.194
    Remote Internal Network 112.12.1.0/24
    Remote ID 192.168.1.194
    User Authentication Mode: As required
    Protocol: As required
    Step 2. Activate Connection and establish Tunnel
    Go to VPN IPSec Connection Manage Connection

    How To Establish VPN Tunnel between Cyberoam and Firebox (WatchGuard) using Preshared key
    To activate the connection, click

    under Connection Status against the cr_2_wg connection

    under Connection Status indicates that the connection is successfully activated

    Note
    At a time only one connection can be active if both the types of connection - Digital Certificate and
    Preshared Key - are created with the same source and destination. In such situation, at the time of
    activation, you will receive error unable to activate connection hence you need to deactivate all
    other connections.

    WatchGuard Configuration
    Step 3. Configure Gateway from Policy Manager
    Go to VPN Branch Office Gateways Add and create Gateway with the following values:
    Gateway name: wg_2_cr
    Remote Gateway Settings
    Gateway IP: 192.168.15.204 (Cyberoam WAN IP address)
    ID Type: IP Address: 1.1.1.2 (Specified as Local ID Type in IPSec Connection in Cyberoam)
    Local Gateway Settings
    ID Type: IP Address: 192.168.1.194 (Select the IP address from the adjacent drop-down list. All
    configured Firebox interface IP addresses are shown)
    Credential Method
    Pre-Shared Key: As specified in IPSec Connection in Cyberoam
    Phase1 Settings
    Authentication: MD5
    Encryption: 3DES
    Mode: Main
    Phase1 Advanced Settings
    Key Group: Diffie-Hellman Group2
    Step 4. Configure Tunnel from Policy Manager
    Go to VPN Branch Office Tunnels Add tunnel with the following values:
    Tunnel name: cr_tunnel
    Gateway: wg_2_cr (as created in step 1)
    Phase2 Settings
    Proposals: ESP-3DES-MD5
    PFS: Enable, Diffie-Hellman Group2

    How To Establish VPN Tunnel between Cyberoam and Firebox (WatchGuard) using Preshared key
    Addresses
    Local address: Network IP: 112.12.1.0/24 (WatchGuard Network)
    Remote Address: Network IP: 8.8.8.0/24 (Specified as Local Internal Network IP in Cyberoam
    IPSec connection)
    Step 5. Save configuration
    Go to File Save To Firebox
    Step 6. Establish Connection from Cyberoam
    Go to VPN IPSec Connection Manage Connection
    To establish the connection/tunnel, click
    connection

    under Connection Status against the cr_2_wg

    under Connection Status indicates that the connection/tunnel is successfully established


    Reference Documents
    VPN Troubleshooting Guide

    Document Version: 9402-1.0-12/12/2006

    You might also like