About Mobile VPN Client Configuration Files
With Mobile VPN with IPSec, the network security administrator controls end user profiles. Policy Manager is used to create the Mobile VPN with IPSec group and create an end user profile, with the file extension .wgx, .ini, or .vpn. The .wgx, .ini, and .vpn files contain the shared key, user identification, IP addresses, and settings that are used to create a secure tunnel between the remote computer and the Firebox.
The .wgx file is encrypted with a passphrase that is eight characters or more in length. You must use Policy Manager to generate the .wgx file. Both the administrator and the remote user must know this passphrase. When you use the WatchGuard IPSec Mobile VPN Client software to import the .wgx file, the passphrase is used to decrypt the file. The .wgx file does not configure the Line Management settings.
The .ini configuration file is not encrypted. It should only be used if you have changed the Line Management setting to anything other than Manual. For more information, see Line Management on the Advanced tab in the Mobile VPN with IPSec group profile.
For information about how to edit the group profile, see Modify an Existing Mobile VPN with IPSec Group Profile.
The .vpn configuration file is for use with the Shrew Soft VPN client. This file is not encrypted.
We support mobile VPN tunnels created with the Shrew Soft VPN client only if the Shrew Soft client supports your operating system. The Shrew Soft VPN client does not support Windows 8.1 or higher. For more information, see About the Shrew Soft VPN Client in the WatchGuard Knowledge Base.
After you use the Add Mobile VPN with IPSec wizard or edit the Mobile VPN with IPSec settings, you can generate an client configuration file. For more information, see Generate Mobile VPN with IPSec Configuration Files.