2020 has seen the incredible rise of the remote worker, to combat the global Covid-19 pandemic. Whilst health professionals have been debating on how to best combat the pandemic, SMBs have deployed technology for teams to work safely from a remote office location. A key aspect of working remotely, is the ability to access critical work systems.
A common method is via a virtual private network (VPN) connection. A VPN connection allows for a remote machine to connect securely from outside of the office LAN, and present itself as a local device to the network.
The WatchGuard Firebox series of firewalls are an excellent and simple upgrade to existing systems. They feature best in class security, including acting as a VPN server. A key benefit of using a VPN tunnel with a secure protocol, is it encrypts traffic to keep data secure in transit. This prevents any 3rd party from intercepting it easily. Setup of a VPN is as simple as running the wizard from the Firebox web UI. After the VPN server has been established and the wizard completes, connecting users is as simple as installing the Mobile VPN with SSL client software on the machine, from the WatchGuard portal.
The steps to follow are:
2.) In the Firebox Web UI, Select VPN > Mobile VPN.
2.) In the Mobile VPN with SSL section, click Launch Wizard.
3.) Click Next. In the Primary text box, type a public IP address or domain name. This is the IP address or domain name that Mobile VPN with SSL clients connect to by default. This can be an external IP address, secondary external IP address, or external VLAN. For a device in drop-in mode, use the IP address assigned to all interfaces.
4.) Click Next. The authentication settings will appear. To add an authentication server, select a server from the drop-down list and click Add. The setup supports authenticating against both RADIUS and LDAP as an easy method of authenticating against your Active Directory server. To authenticate against either of these, the roles need to be added to the AD server beforehand to connect to.
5.) Click Next. The settings for users and groups appear. Select one or more groups or users to add to the SSLVPN-Users group.
6.) Click Next. The Define the virtual IP Address pool page appears. Specify a virtual IP address pool subnet to use for client connections. Clients that connect to the VPN server will be given an IP address from this pool.
7.) Click Next. Click finish to complete the setup.
After the setup has been completed, the Mobile VPN with SSL agent can be downloaded from the WatchGuard Software Portal. After the agent has been installed, the client can be run to connect to the Firebox VPN by entering in the server address we specified in step 4, and entering in the username and password from the authentication server in step 5.