
Modifying an Existing Mobile VPN Profile
Mobile User VPN
Adding Users to a Firebox Mobile VPN Group
To create an Mobile VPN tunnel with the Firebox, remote users type their user name and password to
authenticate. WatchGuard® System Manager software uses this information to authenticate the user to
the Firebox®.
To authenticate, users must be part of the group entered in the Add Mobile User VPN Wizard. If you use
Firebox authentication, use the instructions below. If you use a third-party authentication server, use
the instructions provided in your vendor documentation. For more information on Firebox groups, see
the Authentication chapter in the WatchGuard System Manager User Guide.
1 From Policy Manager, select Setup > Authentication > Authentication Servers.
The Authentication Servers dialog box appears.
2 Make sure that the Firebox tab is selected.
3 To add a new user, click the Add button below the Users list.
The Setup Firebox User dialog box appears.
4 Type a user name and passphrase for the new user. Type the passphrase again to confirm it.
Description is not required. Do not change the values for Session Timeout and Idle Timeout unless
the change is necessary.
5 In the Firebox Authentication Groups area use the horizontal arrows to make the new user a
member of the group you created in the wizard.
6 Click OK.
The new user appears in the Users list in the Authentication Servers dialog box. The dialog box
stays open for you to add more users if you choose.
7 To close the Authentication Servers dialog box, click OK.
Modifying an Existing Mobile VPN Profile
After you use the Mobile User VPN wizard to create a new .wgx file, you can make changes to the profile
Change the shared key
Add access to more hosts or networks
Restrict access to a single destination port, source port, or protocol
Change the Phase 1 or Phase 2 settings.
1 From Policy Manager, select VPN > Remote Users.
2 From the list of user names and groups on the Remote User VPN dialog box, click the user name
or group to change.