On Watchguard:
1. Create VPN -> Branch Office Gateway:
Put PSK, Main Mode, Nat traversal, Dead Per Detection
Create Transform Settings (SHA1-3DES-DH2)
2. Create VPN -> Branch Office IPSec Tunnel:
Put local and remote addresses,
Tick Add this tunnel to the BOVPN-Alliw policies
Add phase2 (ESP-SHA1-3DES)
3. Create wiriwall policy for local traffic.
On Cisco:
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key [PSK] address [WG External IP]
crypto ipsec transform-set POL_trans esp-3des esp-sha-hmac
mode transport
crypto map [POLICY] 1 ipsec-isakmp
set peer [WG External IP]
set transform-set POL_trans
match address 132
interface Dialer0
crypto map [POLICY]
access-list 132 permit ip 10.0.0.0 0.0.0.255 192.168.0.0 0.0.0.255