WatchGuard Technologies FireboxTM System 4.6 User Manual

User Guide

133

CHAPTER 18

Configuring the Firebox for
Remote User VPN

Remote user virtual private networking (RUVPN) establishes a secure connection
between an unsecured remote host and a protected network over an unsecured
network. RUVPN connects an employee on the road or working from home to trusted
and optional networks behind a Firebox using a standard Internet dial-up connection
without compromising security.

WatchGuard Firebox System offers two types of RUVPN:

Remote User PPTP

Uses the Point-to-Point Tunneling Protocol. This type of RUVPN is included
with the basic WatchGuard package and supports up to 50 concurrent
sessions per Firebox. Works with any Firebox encryption level.

Mobile User VPN

Uses Internet Protocol Security. This type of RUVPN is an optional feature of
the WatchGuard package. It requires strong or medium encryption.

RUVPN requires configuration of both the Firebox and the end-user remote host
computers. This section describes how to configure a Firebox for both types of
RUVPN. For information on configuring the remote host, see “Preparing a Host for
Remote User VPN” on page 141.

Configuration checklist

Before configuring a Firebox to use remote user virtual private networking (RUVPN),
gather the following information:

• The IP addresses to assign to the remote client during RUVPN sessions. The IP

addresses cannot be addresses currently in use in the network.

Remote User PPTP and Mobile User VPN require that the Management

Station be upgraded to either medium or strong encryption level. The medium

and strong encryption upgrade files are available to eligible users on the

LiveSecurity Service Web site at http://www.watchguard.com/support.