Watchguard x5 VPN step by step

Posted on 2009-02-18
Last Modified: 2013-11-16
Trying to setup a Watchguard Firebox X Edge with client VPN Access.  I have 5 licenses, does anyone have a step by step?
Question by:TJacoberger1
    1 Comment
    LVL 32

    Accepted Solution

    Before you begin, please make sure the remote computer does not have any other IPSec mobile user VPN client software installed. It is recommended you uninstall any desktop firewall software (other than Microsoft firewall software) from each remote computer.

    To configure MUVPN:
    1. You need to add users in Edge first, to add a new Firebox user, select Firebox Users > New User. You can also edit any of the existing users as you might have added.
    2. On the Settings tab, type an Account Name for the user. Type the password for the user. This is
    different from the shared secret you type for VPN configuration.
    3. Click the MOVPN tab.
    4. Select the Enable Mobile VPN with IPSec for this account check box.
    5. Type a shared key in the Shared key field.
    6. Type the virtual IP address in the field. The virtual IP address must be an address on the X Edge trusted or optional network that is not used and is not part of any range of DHCP addresses assigned by the Edge.
    This address is used by the remote computer to connect to the network behind Firebox X Edge.
    7. Configure/change the Authentication Algorithm or Encryption Algorithm settings or leave them to default.
    8. Set Mobile VPN key expiration in kilobytes and/or hours or leave defaults.
    9. Select Mobile User in the VPN Client Type drop-down list.
    10. Select the All traffic uses tunnel ( IP Subnet) check box if the remote client sends all its
    traffic (including usual web traffic) through the VPN tunnel to the Firebox X Edge [called zero route tunnel]; if you wish to implement split tunneling then leave this box unchecked.
    11. Click Submit.

    To get the .wgx file:
    Select Firebox Users. Below Secure Mobile VPN with IPSec Client Configuration Files, select the .wgx file to download. Save the .wgx file to your computer.
    You need to take this file to the remote machine; install software and then double click the file; it would prompt for password [this is as set in step # 5 above]. After this the client is configured and ready to connect.

    Please implement and update if you need more details.

    Thank you.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
    The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now