WatchGuard Technologies V10.0 Cell Phone User Manual


 
About Mobile VPN Client Configuration Files
8
Mobile User VPN
About Mobile VPN Client Configuration Files
With Mobile VPN with IPSec, the network security administrator controls end-user profiles. Policy Man-
ager is used to set the name of the end user and create a client configuration file, or profile, with the file
extension .wgx. The .wgx file contains the shared key, user identification, IP addresses, and settings that
are used to create a secure tunnel between the remote computer and the Firebox®. This file is
encrypted with a key that is eight characters or greater in length. This key must be known to the
administrator and the remote user. When the .wgx file is imported on the remote client, this key is used
to decrypt the file for the client software to use.
After you use the Add Mobile User VPN wizard, you can create or re-create a .wgx file at any time.
If you want to lock the profiles for mobile users by making them read-only, see “Locking Down an End-
User Profile” on page 18.
Configuring the Firebox for Mobile VPN
Use this procedure to enable Mobile VPN for an existing group of users or a new group you want to cre-
ate. The users that are part of the group can authenticate to the local Firebox® authentication server, or
to a third-party authentication server configured in your Firebox configuration. If you use Firebox
authentication, use the instructions in “Adding Users to a Firebox Mobile VPN Group” on page 12 to
add users to your group. If you use a third-party authentication server, use the instructions provided in
that vendor’s documentation.
1 From Policy Manager, select VPN > Remote Users.
The Remote User VPN configuration dialog box appears.
2 Click Add.
The Add Mobile User VPN Wizard appears.