Contents

Distribute the Software and Profiles

Each VPN client device must have:

  • Software installation package

For Windows devices

The WatchGuard IPSec Mobile VPN Client is available for download from the WatchGuard Portal. This premium client comes with a 30-day trial and requires a license for use after the trial period.

For macOS devices

The WatchGuard IPSec Mobile VPN Client for macOS is available for download from the WatchGuard Portal. This premium client comes with a 30-day trial and requires a license for use after the trial period.

  • The end-user profile

This file contains the group name, shared key, and settings that enable a remote computer to connect securely over the Internet to a protected, private computer network. The end user profiles have the file names groupname.wgx, groupname.ini, and groupname.vpn.

For information about how to manage end-user profiles, see Generate Mobile VPN with IPSec Configuration Files. For information about how to import end-user profiles, see Import the End-User Profile.

  • Two certificate files, if you use certificates for authentication

The first file is the .p12 file, which is an encrypted file containing the certificate. The second file is cacert.pem, which contains the root (CA) certificate. The .p12 and cacert.pem files can be found in the same location as the .wgx end user profile.

  • User documentation

Documentation to help the remote user install the Mobile VPN client and import the Mobile VPN configuration file can be found in the About Mobile VPN Client Configuration Files topics.

  • Passphrase

To import the encrypted .wgx end user profile to the WatchGuard IPSec Mobile VPN Client, the user must type the passphrase to decrypt the file.

You set the encryption passphrase when you create the Mobile VPN group in Policy Manager. Fireware Web UI cannot generate the encrypted .wgx file.

For information about how to change the shared key, see Modify an Existing Mobile VPN with IPSec Group Profile.

We recommend that you distribute end-user profiles by encrypted email or another secure method to prevent user credentials from being intercepted.

Give Us Feedback  ●   Get Support  ●   All Product Documentation  ●   Technical Search