Modifying an Existing Mobile VPN Profile
Adding Users to a Firebox Mobile VPN Group
To create an Mobile VPN tunnel with the Firebox, remote users type their user name and password to authenticate. WatchGuard® System Manager software uses this information to authenticate the user to the Firebox®.
To authenticate, users must be part of the group entered in the Add Mobile User VPN Wizard. If you use Firebox authentication, use the instructions below. If you use a
1From Policy Manager, select Setup > Authentication > Authentication Servers.
The Authentication Servers dialog box appears.
2Make sure that the Firebox tab is selected.
3To add a new user, click the Add button below the Users list.
The Setup Firebox User dialog box appears.
4Type a user name and passphrase for the new user. Type the passphrase again to confirm it.
Description is not required. Do not change the values for Session Timeout and Idle Timeout unless the change is necessary.
5In the Firebox Authentication Groups area use the horizontal arrows to make the new user a member of the group you created in the wizard.
6Click OK.
The new user appears in the Users list in the Authentication Servers dialog box. The dialog box stays open for you to add more users if you choose.
7To close the Authentication Servers dialog box, click OK.
Modifying an Existing Mobile VPN Profile
After you use the Mobile User VPN wizard to create a new .wgx file, you can make changes to the profile to:
•Change the shared key
•Add access to more hosts or networks
•Restrict access to a single destination port, source port, or protocol
•Change the Phase 1 or Phase 2 settings.
1From Policy Manager, select VPN > Remote Users.
2From the list of user names and groups on the Remote User VPN dialog box, click the user name or group to change.
12 | Mobile User VPN |