Configure Secure VPN

Applies To: WatchGuard EPDR, WatchGuard EDR, WatchGuard EPP

With secure VPN, all VPN connections must meet specified security requirements before they connect to VPN networks. Before you begin, make sure to meet these requirements:

  • Host Sensor Enforcement on the Firebox is enabled. For more information, see Configure TDR Host Sensor Enforcement. Record the Host Sensor Enforcement unique identifier (UUID) and authentication key. If you do not have TDR, you can use a random UUID and authentication key. To generate a random UUID, you can use free tools available from vendors such as Microsoft. To create a secure authentication key, we recommend that the key include numbers, letters, and special characters.
  • Computers you want to enable secure VPN for run Windows 8.1 or higher. Secure VPN is not compatible with Linux or macOS. If you enable this feature, computers with these operating systems or versions lower than Windows 8.1 cannot connect to a VPN.
  • Computers you want to enable secure VPN for have endpoint protection installed and running with Advanced Protection in hardening or lock mode, or Antivirus enabled and running.
  • The endpoint agent installed on the computer must be able to communicate with the Firebox over port 33000.

You must enable Host Sensor Enforcement on the Firebox before you enable secure VPN. For more information, see Configure TDR Host Sensor Enforcement.
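The following PowerShell preflight is an added example, not WatchGuard code: it generates a random UUID and authentication key for the case without TDR, and checks the Windows version and port 33000 prerequisites on an endpoint. The Firebox address is a placeholder, and TCP transport, the 32-character key length, and the special-character set are assumptions the page does not specify.

```powershell
# Added example: preflight for the Secure VPN prerequisites listed above.
# Assumptions: $FireboxAddress is a placeholder; port 33000 is tested over TCP.
param(
    [string]$FireboxAddress = 'firebox.example.com',
    [ValidateRange(12, 128)][int]$KeyLength = 32
)

function Get-SecureIndex {
    param($Rng, [int]$Max)
    # Rejection sampling on one random byte avoids modulo bias (requires $Max <= 256).
    $buf = New-Object byte[] 1
    $limit = 256 - (256 % $Max)
    do { $Rng.GetBytes($buf) } while ($buf[0] -ge $limit)
    return $buf[0] % $Max
}

function New-AuthenticationKey {
    param([int]$Length = 32)
    # One pool per class the page recommends: letters, numbers, special characters.
    # The special-character set is an assumption; adjust it to what your Firebox accepts.
    $pools = 'abcdefghijkmnopqrstuvwxyz', 'ABCDEFGHJKLMNPQRSTUVWXYZ', '23456789', '!#%*+-=?@_'
    $all = -join $pools
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        # Guarantee one character from every class, then fill from the combined pool.
        $chars = @(foreach ($p in $pools) { $p[(Get-SecureIndex $rng $p.Length)] })
        while ($chars.Count -lt $Length) { $chars += $all[(Get-SecureIndex $rng $all.Length)] }
        # Fisher-Yates shuffle so the guaranteed characters are not always first.
        for ($i = $chars.Count - 1; $i -gt 0; $i--) {
            $j = Get-SecureIndex $rng ($i + 1)
            $chars[$i], $chars[$j] = $chars[$j], $chars[$i]
        }
        return -join $chars
    } finally { $rng.Dispose() }
}

# Windows 8.1 is NT version 6.3; anything lower cannot use Secure VPN.
$os = [version](Get-CimInstance Win32_OperatingSystem).Version
$probe = Test-NetConnection -ComputerName $FireboxAddress -Port 33000 -WarningAction SilentlyContinue

[pscustomobject]@{
    AccountUuid        = [guid]::NewGuid().ToString()   # only needed when you do not have TDR
    AuthenticationKey  = New-AuthenticationKey -Length $KeyLength
    OsVersion          = $os
    OsSupported        = $os -ge [version]'6.3'
    Port33000Reachable = $probe.TcpTestSucceeded
}
```

The same UUID and key must be set in the Firebox Host Sensor Enforcement configuration and in the Secure VPN settings below, so generate them once and store them securely.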

To configure secure VPN:

  1. From the top navigation bar, select Settings.
  2. From the left pane, select Network Services.

Screen shot of Network Services, Secure VPN tab

  3. Click Secure VPN.
  4. Click the Enable security for VPN connections toggle.

Screen shot of Network Services, Secure VPN

  5. In the Account UUID text box, type the UUID for the Firebox.
    This information is available in the Firebox configuration.
  6. In the Authentication Key text box, type the authentication key.
    This information is available in the Firebox configuration.
  7. Click Save Changes.
    All computers are forced to comply with the security requirements to establish a VPN connection through the Firebox.
    All computers are forced to comply with the security requirements to establish a VPN connection through the Firebox.

See Also

Configure Network Services

Configure Network Settings