Filter
Top Products
Administrator Guide 15
Modifying an Existing Mobile VPN Profile
Phase2 Settings
Select the proposal and key expiration settings for the Mobile VPN tunnel. You can also enable
Perfect Forward Secrecy (PFS) or set the Diffie-Hellman group. To change other proposal
settings, click the Proposal button, and see the procedure described in “Defining advanced
Phase 2 settings” on page 16.
6 Click the Resources tab.
7 Use the following fields to add and remove allowed network resources and virtual IP addresses:
Force All Traffic Through Tunnel
Select this check box to send all Mobile VPN user Internet traffic through the VPN tunnel. When
this is selected, Mobile VPN user Internet traffic is sent through the VPN, but web sites can be
slower for those users. If this is not selected, Mobile VPN user Internet traffic is not sent safely, but
users can browse the Internet more quickly.
Allowed Resources list
This list shows the resources that users in the Mobile VPN authentication group can get access to
on the network. Click Add to add an IP address or IP address range to the network resources list.
Click Remove to clear the selected IP address or IP address range from the network resources list.
Virtual IP Address Pool
This list shows the internal IP addresses that are used by Mobile VPN users over the tunnel. These
addresses are used only when they are needed. Click Add to add an IP address or IP address
range to the virtual IP address pool. Click Remove to clear the selected IP address or IP address
range from the virtual IP address pool.
8 Click OK.
You return to the Remote Users Configuration dialog box.
End-user profiles (*.wgx) for the profile you edited are automatically regenerated. You must distribute new
end-user profiles to the affected users and groups.