WatchGuard Technologies V10.0 Re-creating End-User Profiles, Saving the Profile to a Firebox

Page 22

Re-creating End-User Profiles

Under MUVPN Group, Policy Manager displays the authentication server, in parentheses, for the Mobile VPN group.

Using the Any Policy

The Any policy is added to all Mobile VPN user groups by default. The Any policy allows traffic on all ports and protocols between the Mobile VPN user and the Remote Networks available through the Mobile VPN tunnel. If you want to restrict traffic for Mobile VPN users to a more limited group or ports and protocols, the Any policy on the Mobile User VPN can be deleted and replaced with policies speci- fied by the administrator.

Re-creating End-User Profiles

The WatchGuard® Mobile VPN with IPSec configuration gives you the ability to re-create end-user pro- files for your existing Mobile VPN users. Use this procedure to create new end-user profiles with the same settings for the current MUVPN users.

Mobile VPN configuration files, or profiles, are located in Documents and Settings\All Users\

Shared Watchguard\muvpn\ip_address\config_name\wgx\config_name.wgx. If the tunnel is authenti- cated with certificates, the certificates are also created.

To create new end-user profiles for current Mobile VPN users, on the Mobile User VPN tab, select the Mobile VPN group and click Generate.

You can now distribute these end-user profiles as necessary.

Saving the Profile to a Firebox

To activate a new Mobile VPN user profile, you must save the configuration file to the Firebox®. From the File menu, select Save > To Firebox.

20	Mobile User VPN

Image 22

Contents WatchGuardMobile VPN with IPSec Administrator Guide Address About Mobile VPN Client Configuration Files Before You BeginSelect the Enable Muvpn for this account check box Enabling Mobile VPN for a Firebox User AccountConfiguring Global Mobile VPN Client Settings Get the user’s .wgx fileDistributing the Software and Profiles Distributing the Software and ProfilesEnd-user profile Distributing the Software and Profiles Mobile User VPN Before You Begin Configuring the Firebox for Mobile VPN Select a user authentication server Configuring the Firebox for Mobile VPN Configuring the external authentication server Modifying an Existing Mobile VPN Profile Adding Users to a Firebox Mobile VPN GroupConfirm Use a certificate Phase2 Settings Defining advanced Phase 1 settings Configuring Wins and DNS Servers Allowing Internet access through Mobile VPN tunnelsLocking Down an End-User Profile On the Mobile User VPN tab, click AdvancedAdd individual policies Configuring Policies to Filter Mobile VPN TrafficSeeing details on an Mobile VPN policy Re-creating End-User Profiles Using the Any PolicySaving the Profile to a Firebox Additional Mobile VPN Topics Making outbound IPSec connections from behind a FireboxTerminating IPSec connections Global VPN settingsAdding feature keys Seeing the number of Mobile VPN licensesMobile VPN Client Installation and Connection Installing the Mobile VPN with IPSec Client Importing the end-user profile Select Configuration Profile ImportWindow AutoStart No Autostart Uninstalling the Mobile VPN client Connecting the Mobile VPN ClientSelecting a certificate and entering the PIN Controlling connection behavior Disconnecting the Mobile VPN clientStart All Programs WatchGuard Mobile VPN Mobile VPN Monitor Seeing Mobile VPN Log Messages Mobile User VPN client iconSecuring Your Computer with the Mobile VPN Firewall Enabling the link firewallAbout the desktop firewall Configuration Firewall SettingsEnabling the desktop firewall Defining friendly networks Creating firewall rulesGeneral tab Local tab Remote tab