WatchGuard - Site-To-Site VPN

Often a site to site VPN is required to create a tunnel to a remote site so it can access resources from head office and vice versa.

How to configure:

For this guide, the VPN will be created using WatchGuard System Manager specifically policy manager.

Step 1:

Select VPN "Branch Office Gateways"

When the image below appears click "Add"

Step 2 - Define the pre-shared key

Step 3 - Configure the Local and Remote Gateway 

On the Local Gateway, section select the external IP address you wish to use to form the VPN from and specify the gateway ID for authentication.

In the Remote Gateway section, enter in the IP address of the remote site and enter the remote gateway ID

Step 4 - Configure the Phase 1 Settings

These need to match at either end so select the highest security that is available on both devices.

Step 5 - Select VPN "Branch Office Tunnels"

Step 6 - Create a tunnel mechanism 

This is used to specify the local and remote private IP address ranges of which ranges can talk to one another.

Step 7 - Configure the Phase 2 Settings

These need to match at either end so select the highest security that is available on both devices.

The VPN's will now form to test try and ping a device at the remote end.