WatchGuard Technologies V10.0 manual Select a user authentication server

Page 11

Configuring the Firebox for Mobile VPN

3Use the instructions provided here to go through each screen of the wizard. Click Next after each step.

4Select a user authentication server

Select an authentication server from the Authentication Server drop-down list. You can authenticate users with the internal Firebox database (Firebox-DB) or with a RADIUS, SecurID, LDAP, or Active Directory server. Make sure that this method of authentication is enabled in Policy Manager (select Setup > Authentication > Authentication Servers).

Type a group name in the Group Name field. You can type the name of an existing Mobile VPN group, or enter a group name for a new Mobile VPN group. Make sure the name is unique among VPN group names as well as all interface and tunnel names.

See the Authentication chapter in the WatchGuard® System Manager User Guide for more information.

5Select a tunnel authentication method: Select Use this passphrase. Type and confirm a passphrase.

When your remote users import their Mobile VPN connection profile, they will need this passphrase. In the Mobile VPN Configuration Assistant, this passphrase is known as the “pre- shared key” or “shared secret.”

Administrator Guide

9

Image 11

Contents WatchGuardMobile VPN with IPSec Administrator Guide Address Before You Begin About Mobile VPN Client Configuration FilesEnabling Mobile VPN for a Firebox User Account Select the Enable Muvpn for this account check boxGet the user’s .wgx file Configuring Global Mobile VPN Client SettingsDistributing the Software and Profiles Distributing the Software and ProfilesEnd-user profile Distributing the Software and Profiles Mobile User VPN Before You Begin Configuring the Firebox for Mobile VPN Select a user authentication server Configuring the Firebox for Mobile VPN Configuring the external authentication server Adding Users to a Firebox Mobile VPN Group Modifying an Existing Mobile VPN ProfileConfirm Use a certificate Phase2 Settings Defining advanced Phase 1 settings Allowing Internet access through Mobile VPN tunnels Configuring Wins and DNS ServersOn the Mobile User VPN tab, click Advanced Locking Down an End-User ProfileSeeing details on an Mobile VPN policy Configuring Policies to Filter Mobile VPN TrafficAdd individual policies Saving the Profile to a Firebox Using the Any PolicyRe-creating End-User Profiles Making outbound IPSec connections from behind a Firebox Additional Mobile VPN TopicsSeeing the number of Mobile VPN licenses Global VPN settingsAdding feature keys Terminating IPSec connectionsMobile VPN Client Installation and Connection Installing the Mobile VPN with IPSec Client Window AutoStart No Autostart Select Configuration Profile ImportImporting the end-user profile Selecting a certificate and entering the PIN Connecting the Mobile VPN ClientUninstalling the Mobile VPN client Start All Programs WatchGuard Mobile VPN Mobile VPN Monitor Disconnecting the Mobile VPN clientControlling connection behavior Mobile User VPN client icon Seeing Mobile VPN Log MessagesEnabling the link firewall Securing Your Computer with the Mobile VPN FirewallEnabling the desktop firewall Configuration Firewall SettingsAbout the desktop firewall Creating firewall rules Defining friendly networksGeneral tab Local tab Remote tab