WatchGuard Technologies V10.0 manual End-user profile

Page 7

Distributing the Software and Profiles

The end-user profile

This file contains the user name, shared key, and settings that enable a remote computer to connect securely over the Internet to a protected, private computer network. For information on how to get the profile from the Edge, see “Get the user’s .wgx file” on page 3.

User documentation

Documentation to help the remote user install the Mobile VPN client and import their Mobile VPN configuration file can be found in the “Mobile VPN Client Installation and Connection” chapter in this user guide.

Shared key

To import the end-user profile, the user is requested to type a shared key. This key decrypts the file and imports the security policy into the Mobile VPN client. The key is set when you enable the Firebox User account to use Mobile VPN with IPSec.

The shared key, user name, and password are highly sensitive information. For security reasons, we recommend that you do not provide this information by email message. Because email is not secure, an unauthorized user can get the information and gain access to your internal network.

Give the user the information by telling it to the user, or by some other method that does not allow an unauthorized person to intercept it.

Administrator Guide

5

Image 7
Contents WatchGuardMobile VPN with IPSec Administrator Guide Address Before You Begin About Mobile VPN Client Configuration FilesEnabling Mobile VPN for a Firebox User Account Select the Enable Muvpn for this account check boxGet the user’s .wgx file Configuring Global Mobile VPN Client SettingsDistributing the Software and Profiles Distributing the Software and ProfilesEnd-user profile Distributing the Software and Profiles Mobile User VPN Before You Begin Configuring the Firebox for Mobile VPN Select a user authentication server Configuring the Firebox for Mobile VPN Configuring the external authentication server Adding Users to a Firebox Mobile VPN Group Modifying an Existing Mobile VPN ProfileConfirm Use a certificate Phase2 Settings Defining advanced Phase 1 settings Allowing Internet access through Mobile VPN tunnels Configuring Wins and DNS ServersOn the Mobile User VPN tab, click Advanced Locking Down an End-User ProfileAdd individual policies Configuring Policies to Filter Mobile VPN TrafficSeeing details on an Mobile VPN policy Re-creating End-User Profiles Using the Any PolicySaving the Profile to a Firebox Making outbound IPSec connections from behind a Firebox Additional Mobile VPN TopicsSeeing the number of Mobile VPN licenses Global VPN settingsAdding feature keys Terminating IPSec connectionsMobile VPN Client Installation and Connection Installing the Mobile VPN with IPSec Client Importing the end-user profile Select Configuration Profile ImportWindow AutoStart No Autostart Uninstalling the Mobile VPN client Connecting the Mobile VPN ClientSelecting a certificate and entering the PIN Controlling connection behavior Disconnecting the Mobile VPN clientStart All Programs WatchGuard Mobile VPN Mobile VPN Monitor Mobile User VPN client icon Seeing Mobile VPN Log MessagesEnabling the link firewall Securing Your Computer with the Mobile VPN FirewallAbout the desktop firewall Configuration Firewall SettingsEnabling the desktop firewall Creating firewall rules Defining friendly networksGeneral tab Local tab Remote tab