About Mobile VPN Client Configuration Files
About Mobile VPN Client Configuration Files
With Mobile VPN with IPSec, the network security administrator controls end-user profiles. Policy Man- ager is used to set the name of the end user and create a client configuration file, or profile, with the file extension .wgx. The .wgx file contains the shared key, user identification, IP addresses, and settings that are used to create a secure tunnel between the remote computer and the Firebox®. This file is encrypted with a key that is eight characters or greater in length. This key must be known to the administrator and the remote user. When the .wgx file is imported on the remote client, this key is used to decrypt the file for the client software to use.
After you use the Add Mobile User VPN wizard, you can create or re-create a .wgx file at any time.
If you want to lock the profiles for mobile users by making them read-only, see “Locking Down an End- User Profile” on page 18.
Configuring the Firebox for Mobile VPN
Use this procedure to enable Mobile VPN for an existing group of users or a new group you want to cre- ate. The users that are part of the group can authenticate to the local Firebox® authentication server, or to a third-party authentication server configured in your Firebox configuration. If you use Firebox authentication, use the instructions in “Adding Users to a Firebox Mobile VPN Group” on page 12 to add users to your group. If you use a third-party authentication server, use the instructions provided in that vendor’s documentation.
1From Policy Manager, select VPN > Remote Users.
The Remote User VPN configuration dialog box appears.
2Click Add.
The Add Mobile User VPN Wizard appears.