Select a user authentication server | WatchGuard Technologies V10.0

Configuring the Firebox for Mobile VPN

3Use the instructions provided here to go through each screen of the wizard. Click Next after each step.

4Select a user authentication server

Select an authentication server from the Authentication Server drop-down list. You can authenticate users with the internal Firebox database (Firebox-DB) or with a RADIUS, SecurID, LDAP, or Active Directory server. Make sure that this method of authentication is enabled in Policy Manager (select Setup > Authentication > Authentication Servers).

Type a group name in the Group Name field. You can type the name of an existing Mobile VPN group, or enter a group name for a new Mobile VPN group. Make sure the name is unique among VPN group names as well as all interface and tunnel names.

See the Authentication chapter in the WatchGuard® System Manager User Guide for more information.

5Select a tunnel authentication method: Select Use this passphrase. Type and confirm a passphrase.

When your remote users import their Mobile VPN connection profile, they will need this passphrase. In the Mobile VPN Configuration Assistant, this passphrase is known as the “pre- shared key” or “shared secret.”

Administrator Guide

9

Image 11

WatchGuard Technologies V10.0 manual Select a user authentication server

Contents

WatchGuardMobile VPN with IPSec Administrator Guide Address Before You Begin About Mobile VPN Client Configuration Files Enabling Mobile VPN for a Firebox User Account Select the Enable Muvpn for this account check box Get the user’s .wgx file Configuring Global Mobile VPN Client Settings Distributing the Software and Profiles Distributing the Software and Profiles End-user profile Distributing the Software and Profiles Mobile User VPN Before You Begin Configuring the Firebox for Mobile VPN Select a user authentication server Configuring the Firebox for Mobile VPN Configuring the external authentication server Adding Users to a Firebox Mobile VPN Group Modifying an Existing Mobile VPN Profile Confirm Use a certificate Phase2 Settings Defining advanced Phase 1 settings Allowing Internet access through Mobile VPN tunnels Configuring Wins and DNS Servers On the Mobile User VPN tab, click Advanced Locking Down an End-User Profile Seeing details on an Mobile VPN policy Configuring Policies to Filter Mobile VPN TrafficAdd individual policies Saving the Profile to a Firebox Using the Any PolicyRe-creating End-User Profiles Making outbound IPSec connections from behind a Firebox Additional Mobile VPN Topics Seeing the number of Mobile VPN licenses Global VPN settingsAdding feature keys Terminating IPSec connections Mobile VPN Client Installation and Connection Installing the Mobile VPN with IPSec Client Window AutoStart No Autostart Select Configuration Profile ImportImporting the end-user profile Selecting a certificate and entering the PIN Connecting the Mobile VPN ClientUninstalling the Mobile VPN client Start All Programs WatchGuard Mobile VPN Mobile VPN Monitor Disconnecting the Mobile VPN clientControlling connection behavior Mobile User VPN client icon Seeing Mobile VPN Log Messages Enabling the link firewall Securing Your Computer with the Mobile VPN Firewall Enabling the desktop firewall Configuration Firewall SettingsAbout the desktop firewall Creating firewall rules Defining friendly networks General tab Local tab Remote tab