The WatchGuard IPSec VPN Client includes a full-featured desktop firewall. The firewall operates even when the VPN client is not connected.
In Fireware v12.9.4 or higher, WatchGuard IPSec Mobile VPN Client for macOS v4.70 does not include firewall functionality.
To enable the desktop firewall, from the WatchGuard IPSec VPN client:
- (Windows) Select Configuration > Firewall.
- (macOS) Select WatchGuard Mobile VPN > Preferences > Firewall.
- Select the Enable Firewall check box.
If you enable the firewall, and do not configure firewall rules, the firewall blocks all incoming and outgoing IP traffic.
To configure the firewall, you can add one of the predefined firewall rules or create new firewall rules.
To add a predefined firewall rule:
- From the Predefined firewall rules drop-down list, select a rule.
- Click Insert
The selected rule is added to the rules list. The IP addresses for the selected rule appear below the table.
To add a custom firewall rule:
- Click New.
A new firewall rule is added to the table. By default, a new rule allows all outgoing traffic from any IPv4 address. - Click each column in the table to edit the rule properties.
- Edit the IP addresses for the selected rule in the Local and Remote sections below the table.
After you have enabled the desktop firewall, you can configure your firewall settings.
For more information about how to edit the properties of a firewall rule, and for information about how to configure friendly networks, firewall options and logging, see the Firewall section of the help in the VPN client.