Filter
Top Products
Administrator Guide 11
Configuring the Firebox for Mobile VPN
8 Create the virtual IP address pool: Click Add to add one IP address or an IP address range.
Repeat this step to add more virtual IP addresses.
Mobile VPN users will be assigned one of these IP addresses when they connect to your network.
The number of IP addresses should be the same as the number of Mobile VPN users. If High
Availability is configured, you must add two virtual IP addresses for each Mobile VPN user. The IP
addresses cannot be used for anything else on your network.
9 Click Finish. The Remote User VPN Configuration dialog box appears. Click OK to close.
The Mobile VPN client profile is saved in Documents and Settings\All Users\
Shared WatchGuard\muvpn\ip_address\config_name\wgx\config_name.wgx.
Configuring the external authentication server
If you create a Mobile VPN user group that authenticates to a third-party server, make sure you create a
group on the server that has the same name as the Mobile VPN group name entered in the wizard. For
RADIUS or SecurID, make sure that the RADIUS server sends a Filter-Id attribute (RADIUS attribute #11)
when a user successfully authenticates, to tell the Firebox what group the user belongs to. The value for
the Filter-Id attribute must match the name of the Mobile VPN group as it appears in Policy Manager.
All Mobile VPN users that authenticate to the server must belong to this group.