Watchguard x5 VPN step by step

Posted on 2009-02-18
Medium Priority
Last Modified: 2013-11-16
Trying to setup a Watchguard Firebox X Edge with client VPN Access.  I have 5 licenses, does anyone have a step by step?
Question by:TJacoberger1
1 Comment
LVL 32

Accepted Solution

dpk_wal earned 1500 total points
ID: 23688710
Before you begin, please make sure the remote computer does not have any other IPSec mobile user VPN client software installed. It is recommended you uninstall any desktop firewall software (other than Microsoft firewall software) from each remote computer.

To configure MUVPN:
1. You need to add users in Edge first, to add a new Firebox user, select Firebox Users > New User. You can also edit any of the existing users as you might have added.
2. On the Settings tab, type an Account Name for the user. Type the password for the user. This is
different from the shared secret you type for VPN configuration.
3. Click the MOVPN tab.
4. Select the Enable Mobile VPN with IPSec for this account check box.
5. Type a shared key in the Shared key field.
6. Type the virtual IP address in the field. The virtual IP address must be an address on the X Edge trusted or optional network that is not used and is not part of any range of DHCP addresses assigned by the Edge.
This address is used by the remote computer to connect to the network behind Firebox X Edge.
7. Configure/change the Authentication Algorithm or Encryption Algorithm settings or leave them to default.
8. Set Mobile VPN key expiration in kilobytes and/or hours or leave defaults.
9. Select Mobile User in the VPN Client Type drop-down list.
10. Select the All traffic uses tunnel ( IP Subnet) check box if the remote client sends all its
traffic (including usual web traffic) through the VPN tunnel to the Firebox X Edge [called zero route tunnel]; if you wish to implement split tunneling then leave this box unchecked.
11. Click Submit.

To get the .wgx file:
Select Firebox Users. Below Secure Mobile VPN with IPSec Client Configuration Files, select the .wgx file to download. Save the .wgx file to your computer.
You need to take this file to the remote machine; install software and then double click the file; it would prompt for password [this is as set in step # 5 above]. After this the client is configured and ready to connect.

Please implement and update if you need more details.

Thank you.

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Loops Section Overview
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question