Watchguard VPN v10.0 Manuel d'utilisateur

WatchGuard®Mobile VPN with IPSec Administrator GuideWatchGuard Mobile VPN v10.0 Revised: November 28, 2007

About Mobile VPN Client Configuration Files8Mobile User VPNAbout Mobile VPN Client Configuration FilesWith Mobile VPN with IPSec, the network security

Administrator Guide 9Configuring the Firebox for Mobile VPN3 Use the instructions provided here to go through each screen of the wizard. Click Next af

Configuring the Firebox for Mobile VPN10Mobile User VPN6 Direct the flow of Internet traffic: Select an option for Internet traffic. You can allow all

Administrator Guide 11Configuring the Firebox for Mobile VPN8 Create the virtual IP address pool: Click Add to add one IP address or an IP address ran

Modifying an Existing Mobile VPN Profile12Mobile User VPNAdding Users to a Firebox Mobile VPN Group To create an Mobile VPN tunnel with the Firebox, r

Administrator Guide 13Modifying an Existing Mobile VPN Profile3 Click Edit.The Edit MUVPN Extended Authentication Group dialog box appears.Use the fol

Modifying an Existing Mobile VPN Profile14Mobile User VPNtimeouts for the Mobile VPN group are always ignored because you set timeouts in the individu

Administrator Guide 15Modifying an Existing Mobile VPN ProfilePhase2 SettingsSelect the proposal and key expiration settings for the Mobile VPN tunnel

Modifying an Existing Mobile VPN Profile16Mobile User VPNDefining advanced Phase 1 settingsTo define advanced Phase 1 settings for an Mobile VPN user

Administrator Guide 17Configuring WINS and DNS Servers2 From the Type drop-down list, select ESP or AH as the proposal method. Only ESP is supported a

ii Mobile User VPNADDRESS:505 Fifth Avenue SouthSuite 500Seattle, WA 98104SUPPORT: www.watchguard.com/supportU.S. and Canada +877.232.3531All Other Co

Locking Down an End-User Profile18Mobile User VPNLocking Down an End-User ProfileYou can use the advanced settings to lock down the end-user profile s

Administrator Guide 19Configuring Policies to Filter Mobile VPN TrafficConfiguring Policies to Filter Mobile VPN TrafficIn a default configuration, Mo

Re-creating End-User Profiles20Mobile User VPNUnder MUVPN Group, Policy Manager displays the authentication server, in parentheses, for the Mobile VPN

Administrator Guide 21Distributing the Software and ProfilesDistributing the Software and ProfilesWatchGuard® recommends distributing end-user profile

Additional Mobile VPN Topics22Mobile User VPNTerminating IPSec connectionsTo fully stop VPN connections, the Firebox must be restarted. Removing the I

Administrator Guide 233 Mobile VPN Client Installation and ConnectionThe WatchGuard® Mobile VPN with IPSec client is installed on an employee computer

Installing the Mobile VPN with IPSec Client24Mobile User VPN> Windows Firewall > Change Settings > Exceptions) for UDP port 4500. This will e

Administrator Guide 25Installing the Mobile VPN with IPSec ClientImporting the end-user profileWhen the computer restarts, the WatchGuard Mobile VPN C

Connecting the Mobile VPN Client26Mobile User VPNIf the password you use is your password on an Active Directory or LDAP server and you choose to stor

Administrator Guide 27Connecting the Mobile VPN ClientStart your connection to the Internet through a Dial-Up Networking connection or LAN connection.

Administrator Guide 11 Configure the Firebox X Edge to use Mobile VPN with IPSecThe WatchGuard® Mobile VPN with IPSec client is a software application

Seeing Mobile VPN Log Messages28Mobile User VPN4 Use the Connection Mode drop-down list to set the connection behavior you want for this profile. -

Administrator Guide 29Securing Your Computer with the Mobile VPN FirewallSecuring Your Computer with the Mobile VPN FirewallThe WatchGuard® Mobile VPN

Securing Your Computer with the Mobile VPN Firewall30Mobile User VPN4 From the Stateful Inspection drop-down list, select when connected or always. I

Administrator Guide 31Securing Your Computer with the Mobile VPN Firewall3 Define friendly networks and create firewall rules as described in the subs

Securing Your Computer with the Mobile VPN Firewall32Mobile User VPNTo create a rule, click New. Use the four tabs in the Firewall Rule Entry dialog b

Administrator Guide 33Securing Your Computer with the Mobile VPN FirewallLocal tabUse the Local tab to define the local IP address and ports that are

Securing Your Computer with the Mobile VPN Firewall34Mobile User VPNRemote tabUse the Remote tab to define the remote IP address or addresses and port

Administrator Guide 35Securing Your Computer with the Mobile VPN Firewall

Securing Your Computer with the Mobile VPN Firewall36Mobile User VPN

Enabling Mobile VPN for a Firebox User Account2Mobile User VPNThe Firebox X Edge creates a .wgx file for a user when a Firebox user’s account is confi

Administrator Guide 3Configuring Global Mobile VPN Client Settings10 Set MUVPN key expiration in kilobytes and/or hours. The default values are 8192 K

Distributing the Software and Profiles4Mobile User VPN1 You can choose to make the .wgx file read-only so that the user cannot change the security pol

Administrator Guide 5Distributing the Software and Profiles• The end-user profileThis file contains the user name, shared key, and settings that enabl

Distributing the Software and Profiles6Mobile User VPN

Administrator Guide 72 Using Fireware Policy Manager to Configure Mobile VPN with IPSec The WatchGuard® Mobile VPN with IPSec client is a software app