This article describes how to configure SSL VPN on a WatchGuard firewall. A basic setup needs to be in place.

Configuration

Connect to the firewall using the WSM and select in the Policy Manager VPN > Mobile VPN > SSL.

Here you chooes Activate mobile VPN with ssl and enter your public it into the Primary field. This is also the place where you can select if you want to force all traffic of the client through the tunnel.

 

In the Advanced tab we can provide a domain (if there is one) and a local DNS server.

Since the last patch users and passwords do not get configured using the Authentication tab, you can just view them there. Now you have to choose Setup > Authentication > Authentication Servers…

Here you can choose if you want to add users to the Firebox-DB (internal database on the firewall) or if you want to use authentification with LDAP/AD, RADIUS or SecurID . In this case we create a user on the firewall.

Usergroups make it easy to write Firewallrules. We add the new user to the default group SSL-VPN-Users.

Now you can set up the software on the clients:

Windows Mac Linux

Cheers, Ori