WatchGuard Technologies V10.0 manual Distributing the Software and Profiles

Page 6

Distributing the Software and Profiles

1You can choose to make the .wgx file read-only so that the user cannot change the security policy file. To do this, select the Make the MUVPN client security policy read-onlycheck box.

2Mobile VPN clients use shared Windows Internet Naming Service (WINS) and Domain Name System (DNS) server addresses. DNS changes host names into IP addresses, while WINS changes NetBIOS names to IP addresses. The trusted interface of the Edge must have access to these servers. Type a DNS server and WINS server IP address in the text boxes near the bottom of the Mobile User page.

Because the Mobile VPN client always uses a virtual adapter, you should not change the virtual adapter settings on this dialog box.This setting applies only to Mobile User VPN versions prior to 10.0. For version

10.0and later, it does not matter what you use for this setting because the Mobile VPN with IPSec software version 10.0 and later always uses a virtual adapter. See the Mobile User VPN Administrator's Guide for information about how this setting affects earlier versions of the Mobile User software.

Distributing the Software and Profiles

WatchGuard® recommends distributing end-user profiles by encrypted email or with some other secure method. Each client computer must have:

Software installation package

The packages are located on the WatchGuard LiveSecurity® Service web site at: http://www.watchguard.com/support

Log in to the site using your LiveSecurity Service user name and password. Click the Latest Software link, click Add-ons/Upgradeson the left side, and then click the link for Mobile VPN with IPSec.

4

Mobile User VPN

Image 6
Contents WatchGuardMobile VPN with IPSec Administrator Guide Address About Mobile VPN Client Configuration Files Before You BeginSelect the Enable Muvpn for this account check box Enabling Mobile VPN for a Firebox User AccountConfiguring Global Mobile VPN Client Settings Get the user’s .wgx fileDistributing the Software and Profiles Distributing the Software and ProfilesEnd-user profile Distributing the Software and Profiles Mobile User VPN Before You Begin Configuring the Firebox for Mobile VPN Select a user authentication server Configuring the Firebox for Mobile VPN Configuring the external authentication server Modifying an Existing Mobile VPN Profile Adding Users to a Firebox Mobile VPN GroupConfirm Use a certificate Phase2 Settings Defining advanced Phase 1 settings Configuring Wins and DNS Servers Allowing Internet access through Mobile VPN tunnelsLocking Down an End-User Profile On the Mobile User VPN tab, click AdvancedConfiguring Policies to Filter Mobile VPN Traffic Add individual policiesSeeing details on an Mobile VPN policy Using the Any Policy Re-creating End-User ProfilesSaving the Profile to a Firebox Additional Mobile VPN Topics Making outbound IPSec connections from behind a FireboxTerminating IPSec connections Global VPN settingsAdding feature keys Seeing the number of Mobile VPN licensesMobile VPN Client Installation and Connection Installing the Mobile VPN with IPSec Client Select Configuration Profile Import Importing the end-user profileWindow AutoStart No Autostart Connecting the Mobile VPN Client Uninstalling the Mobile VPN clientSelecting a certificate and entering the PIN Disconnecting the Mobile VPN client Controlling connection behaviorStart All Programs WatchGuard Mobile VPN Mobile VPN Monitor Seeing Mobile VPN Log Messages Mobile User VPN client iconSecuring Your Computer with the Mobile VPN Firewall Enabling the link firewallConfiguration Firewall Settings About the desktop firewallEnabling the desktop firewall Defining friendly networks Creating firewall rulesGeneral tab Local tab Remote tab