Distribute the Software and Profiles
Each VPN client device must have:
- Software installation package
For Windows devices
The WatchGuard IPSec Mobile VPN Client is available for download from the WatchGuard Portal. This premium client comes with a 30-day trial and requires a license for use after the trial period.
For macOS devices
The WatchGuard IPSec Mobile VPN Client for macOS is available for download from the WatchGuard Portal. This premium client comes with a 30-day trial and requires a license for use after the trial period.
- The end-user profile
This file contains the group name, shared key, and settings that enable a remote computer to connect securely over the Internet to a protected, private computer network. The end user profiles have the file names groupname.wgx, groupname.ini, and groupname.vpn.
For information about how to manage end-user profiles, see Generate Mobile VPN with IPSec Configuration Files. For information about how to import end-user profiles, see Import the End-User Profile.
- Two certificate files, if you use certificates for authentication
The first file is the .p12 file, which is an encrypted file containing the certificate. The second file is cacert.pem, which contains the root (CA) certificate. The .p12 and cacert.pem files can be found in the same location as the .wgx end user profile.
- User documentation
Documentation to help the remote user install the Mobile VPN client and import the Mobile VPN configuration file can be found in the About Mobile VPN Client Configuration Files topics.
To import the encrypted .wgx end user profile to the WatchGuard IPSec Mobile VPN Client, the user must type the passphrase to decrypt the file.
For information about how to change the shared key, see Modify an Existing Mobile VPN with IPSec Group Profile.
We recommend that you distribute end-user profiles by encrypted email or another secure method to prevent user credentials from being intercepted.