Install and Connect the Mobile VPN with SSL Client

The Mobile VPN with SSL software enables users to connect, disconnect, gather more information about the connection, and to exit or quit the client. The Mobile VPN with SSL client adds an icon to the system tray on the Windows operating system, or an icon in the menu bar on Mac OS X. You can use this icon to control the client software.

To use Mobile VPN with SSL, you must:

  1. Verify system requirements
  2. Download the client software
  3. Install the client software
  4. Connect to your private network

If a user is unable to connect to the XTM device, or cannot download the installer from the XTM device, you can Manually Distribute and Install the Mobile VPN with SSL Client Software and Configuration File.

Client Computer Requirements

You can install the Mobile VPN with SSL client software on computers with these operating systems:

If the client computer has Windows XP, you must log on with an account that has administrator rights to install the Mobile VPN with SSL client software. Administrator rights are not required to connect after the SSL client has been installed and configured. In Windows XP Professional, the user must be a member of the Network Configuration Operators group to run the SSL client.

If the client computer has Mac OS X, administrator rights are not required to install or use the SSL client.

Download the Client Software

To download the client software, you authenticate to the XTM device with an HTTPS connection over port 4100.

  1. Connect to one of these addresses with a web browser:
https://[device interface IP address]/sslvpn.html
https://[device interface IP address]:4100/sslvpn.html
https://[device host name]/sslvpn.html
https://[device host name]:4100/sslvpn.html

The authentication web page appears.

  1. Type your Username and Password.
  2. If Mobile VPN with SSL is configured to use more than one authentication method, select the authentication server from the Domain drop-down list.. For a WatchGuard device that uses Fireware XTM v11.8.x or lower, the Domain drop-down list does not appear, and you must specify the non-default authentication server in the Username text box, before the user name. For example:

The Mobile VPN with SSL download page appears.

Screen shot of the SSL VPN client download page

  1. Click the Download button for the installer you want to use. There are two available versions: Windows (WG-MVPN-SSL.exe) and Mac OS X (WG-MVPN-SSL.dmg).
  2. Save the file to your desktop or another folder of your choice.

On this page you can also download the Mobile VPN with SSL client profile for connections from any SSL VPN client that supports .ovpn configuration files. For more information about the Mobile VPN with SSL client profile, see Use Mobile VPN with SSL with an OpenVPN Client.

Install the Client Software

For Microsoft Windows:

  1. Double-click WG-MVPN-SSL.exe.
    The Mobile VPN with SSL client Setup Wizard starts.
  2. Accept the default settings on each screen of the wizard.
  3. If you want to add a desktop icon or a Quick Launch icon, select the check box in the wizard that matches the option. A desktop or Quick Launch icon is not required.
  4. Finish and exit the wizard.

For Mac OS X:

To install the Mobile VPN with SSL software on Mac OS 10.9 Mavericks, you must select System Preferences > Security & Privacy > General and select the option to allow apps downloaded from anywhere.

  1. Double-click WG-MVPN-SSL.dmg.
    A volume named WatchGuard Mobile VPN is created on your desktop.
  2. In the WatchGuard Mobile VPN volume, double-click WatchGuard Mobile VPN with SSL Installer <version>.mpkg.
    The client installer starts.
  3. Accept the default settings on each screen of the installer.
  4. Finish and exit the installer.

After you download and install the client software, the Mobile VPN client software automatically connects to the XTM device. Each time you connect to the XTM device, the client software checks for configuration updates.

Connect to Your Private Network

For Microsoft Windows:

To start the Mobile VPN with SSL client, use one of these methods:

Screen shot of the WatchGuard Mobile VPN with SSL dialog box

For Mac OS X:

To start the Mobile VPN with SSL client on Mac OS X:

  1. Open a Finder window.
  2. Go to Applications > WatchGuard.
  3. Double-click the WatchGuard Mobile VPN with SSL application.

To connect to your private network from the Mobile VPN with SSL client:

  1. In the Server text box, type or select the address of the XTM device you want to connect to.
    The IP address of the server you most recently connected to is selected by default.
  2. In the Username text box, type the user name. If Mobile VPN with SSL on the XTM device is configured to use multiple authentication methods, you might need to specify the authentication server or domain as part of the user name.
  3. In the Password text box, type the password to use for authentication.
    The client remembers the password, if the administrator configures the authentication settings to allow it.
  4. Click Connect.

The Server is the IP address of the primary external interface of an XTM device. If Mobile VPN with SSL on the XTM device is configured to use a port other than the default port 443, in the Server text box, you must type the primary external interface followed by a colon and the port number. For example, if Mobile VPN with SSL is configured to use port 444, and the primary external IP address is 203.0.113.2, the Server is 203.0.113.2:444.

The Username can include the authentication server and user name of the user. If Mobile VPN with SSL on the XTM device is configured to use multiple authentication methods, users who do not use the default authentication server must specify the authentication server or domain as part of the user name.

The user name must be in one of these formats:

Use the default authentication server

In the User name text box, type just the user name.

Example: j_smith

Use a non-default authentication server

In the User name text box, type <authentication server>\<user name>.

Examples:

The SSL client user must enter their login credentials. Mobile VPN with SSL does not support any Single Sign-On (SSO) services. If the connection between the SSL client and the XTM device is temporarily lost, the SSL client tries to establish the connection again.

Other Connection Options

Two other connection options are available in the client only if the administrator has enabled them on the device you connect to.

Automatically reconnect

Select the Automatically reconnect check box if you want the Mobile VPN with SSL client to automatically reconnect when the connection is lost.

Remember password

Select the Remember password check box if you want the Mobile VPN with SSL client to remember the password you typed for the next time you connect.

Mobile VPN with SSL Client Controls

When the Mobile VPN with SSL client runs, the WatchGuard Mobile VPN with SSL icon appears in the system tray (Windows) or on the right side of the menu bar (Mac OS X). The VPN connection status is shown by the appearance of the icon's magnifying glass.

To see the client controls list, right-click the Mobile VPN with SSL icon in the system tray (Windows), or click the Mobile VPN with SSL icon in the menu bar (Mac OS X). You can select from these actions:

Connect/Disconnect

Start or stop the Mobile VPN with SSL connection.

Status

See the status of the Mobile VPN with SSL connection.

View Logs

Open the connection log file.

Properties

Windows — Select Launch program on startup to start the client when Windows starts. Type a number for Log level to change the level of detail included in the logs.

Mac OS X — Shows detailed information about the Mobile VPN with SSL connection. You can also set the log level.

About

The WatchGuard Mobile VPN dialog box opens with information about the client software.

Exit (Windows) or Quit (Mac OS X)

Disconnect from the XTM device and shut down the client.

See Also

Uninstall the Mobile VPN with SSL Client

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base