Setup SSL VPN

January 23, 2018 in watchguard ‐ 1 min read

This article describes how to configure SSL VPN on a WatchGuard firewall. A basic setup needs to be in place.

image

Configuration

Connect to the firewall using the WSM and select in the Policy Manager VPN > Mobile VPN > SSL.

image

Here you chooes Activate mobile VPN with ssl and enter your public it into the Primary field. This is also the place where you can select if you want to force all traffic of the client through the tunnel.

image

 

In the Advanced tab we can provide a domain (if there is one) and a local DNS server.

image

Since the last patch users and passwords do not get configured using the Authentication tab, you can just view them there. Now you have to choose Setup > Authentication > Authentication Servers…

Here you can choose if you want to add users to the Firebox-DB (internal database on the firewall) or if you want to use authentification with LDAP/AD, RADIUS or SecurID . In this case we create a user on the firewall.

image

Usergroups make it easy to write Firewallrules. We add the new user to the default group SSL-VPN-Users.

Now you can set up the software on the clients:

Windows Mac Linux

Cheers, Ori