About Mobile VPN Client Configuration Files

With Mobile VPN with IPSec, the network security administrator controls end user profiles. Policy Manager is used to create the Mobile VPN with IPSec group and create an end user profile, with the file extension .wgx, .ini, .vpn, or .wgm. The .wgx, .ini, .vpn, and .wgm files contain the shared key, user identification, IP addresses, and settings that are used to create a secure tunnel between the remote computer and the Firebox.

The .wgx file is encrypted with a passphrase that is eight characters or greater in length. You must use Policy Manager to generate the .wgx file. Both the administrator and the remote user must know this passphrase. When you use the WatchGuard IPSec Mobile VPN Client software to import the .wgx file, the passphrase is used to decrypt the file. The .wgx file does not configure the Line Management settings.

The .ini configuration file is not encrypted. It should only be used if you have changed the Line Management setting to anything other than Manual. For more information, see Line Management on the Advanced tab in the Mobile VPN with IPSec group profile.

For information about how to edit the group profile, see Modify an Existing Mobile VPN with IPSec Group Profile.

The .vpn configuration file is for use with the Shrew Soft VPN client. This file is not encrypted. For more information, see About the Shrew Soft VPN Client.

The .wgm configuration file is for use with the WatchGuard Mobile VPN app for Android and iOS devices. The .wgm file is encrypted with a passphrase that is eight characters or greater in length. Both the administrator and the remote user must know this passphrase. When you use the WatchGuard Mobile VPN app for Android or iOS to import the .wgm file, the passphrase is used to decrypt the file.

After you use the Add Mobile VPN with IPSec wizard or edit the Mobile VPN with IPSec settings, you can generate an client configuration file. For more information, see Generate Mobile VPN with IPSec Configuration Files.

To make the user profile read-only in the IPSec Mobile VPN Client, you can lock the profile. For information about how to lock a user profile from Fireware Web UI, see Lock Down an End User Profile.

Give Us Feedback     Get Support     All Product Documentation     Technical Search