About Remote User Vpn; Configuring The Remote Users Authentication Policy - Watchguard V10 User Manual

CHAPTER 12: Creating a Remote User VPN Policy

About Remote User VPN

Telecommuters and traveling employees who need access
to the corporate network are common fixtures in today's
business environment. RUVPN creates an IPSec tunnel
between an unsecured remote host and your trusted and
optional networks using a standard Internet dial-up or
broadband connection–without compromising security.
This type of VPN requires only one Firebox Vclass appli-
ance for the private network and the Mobile User VPN
software client, which is an optional feature of the Firebox
Vclass appliances.
RUVPN uses IPSec with DES or 3DES-CBC to encrypt
incoming traffic and MD5 or SHA-1 to authenticate data
packets. You create a security policy and distribute it along
with the RUVPN software to each telecommuter. After the
software is installed on the telecommuters' computers,
they can securely access corporate resources. RUVPN users
can modify their security policy. You can also restrict
RUVPN users fo that they they have read-only access to
the policy.
Remote User VPN is available on all Firebox Vclass models
except the V10. The Firebox Vclass appliance models V200,
V100, V80, V60, and V60L come with 20 Remote User VPN
licenses, upgradeable in increments of 20, 100, 500, or 1,000.
Configuring the Remote Users Authentication
Policy
Before creating a security policy to allow RUVPN traffic,
you must first choose the user authentication database
your appliance will use.
RUVPN users authenticate either to the user authentication
database on the Firebox Vclass appliance or to a RADIUS
authentication server that you have previously configured.
328 Vcontroller