Disable Automatic Tunnel Startup

BOVPN tunnels are automatically created each time the Firebox starts. You can change this default behavior in the settings for the branch office VPN. A common reason to change it would be if the remote endpoint uses a third-party device that must initiate the tunnel instead of the local endpoint.

Disable Automatic Startup for Manual Branch Office VPN Tunnels

To disable automatic startup for tunnels that use a gateway, from Fireware Web UI:

Select VPN > Branch Office VPN.

The Branch Office VPN configuration page appears
Select a gateway and click Edit.

The Gateway page appears.
Clear the Start Phase 1 tunnel when Firebox starts check box at the bottom of the page.

To disable automatic startup for tunnels that use a gateway, from Policy Manager:

Select VPN > Branch Office Gateways.
The Gateways dialog box appears.
Select a gateway and click Edit.
The Edit Gateway dialog box appears.
Clear the Start Phase 1 tunnel when Firebox starts check box at the bottom of the dialog box.

Disable Automatic Tunnel Startup for a BOVPN Virtual Interface

To disable automatic startup for a BOVPN virtual interface, from Fireware Web UI or Policy Manager:

Select VPN > BOVPN Virtual Interface.
Clear the Start Phase 1 tunnel when it is inactivecheck box.

If you clear this check box, the Firebox still automatically restarts the tunnel when it is inactive if any policy uses policy-based routing to route outbound traffic to this BOVPN virtual interface.

You can also disable a BOVPN gateway and all associated tunnels. For more information, go to Disable or Enable a Branch Office VPN.

© 2024 WatchGuard Technologies, Inc. All rights reserved. WatchGuard and the WatchGuard logo are registered trademarks or trademarks of WatchGuard Technologies in the United States and other countries. Various other trademarks are held by their respective owners.