Manualshelf

User guide

ManualsBrandsWatchguard ManualsComputer equipmentFirebox X4500
291292293294295296297298299300
About Mobile VPN with SSL
288 Firebox X Edge e-Series
Virtual IP Address Range
When a Mobile VPN user connects to the Edge, the Edge must assign that user’s computer an
available IP address from a network behind the Edge. Type the first IP address in the address pool the
Edge can use to assign Mobile VPN connections in the Start of IP address pool field. The Edge gives
out this IP address to the first Mobile VPN with SSL client that connects. The Edge increments the IP
address by 1 and assigns an address to each subsequent Mobile VPN client that connects.
If the virtual IP address range you specify is from the trusted network, Mobile VPN with SSL clients
bridge to the trusted network. If the virtual IP address range you specify is from the optional network,
clients bridge to the optional network.
SSL VPN Advanced tab
Authentication
From the Authentication drop-down list, select the authentication algorithm to use.
Encryption
From the Encryption drop-down list, select the encryption algorithm to use.
Protocol and Port
By default, SSL traffic uses the TCP protocol on port 443. Most users do not change this setting. You
must configure Mobile VPN with SSL to use a different port and protocol if you have a firewall policy
that allows incoming HTTPS. The Edge cannot apply static NAT to allow incoming HTTPS and allow
Mobile VPN with SSL connections on the same port.
Keep Alive
The Keep Alive interval controls how often the Edge sends traffic through the tunnel to keep the
tunnel active when no other traffic is being sent through the tunnel. If no response is received before
the timeout value the tunnel will be dropped.