To use AuthPoint for Mobile VPN with SSL, see Firebox Mobile VPN with SSL Integration with AuthPoint. If your RADIUS server supports multi-factor or two-factor authentication, you can use multi-factor or two-factor authentication with WatchGuard Mobile VPN with SSL.ĪuthPoint is the WatchGuard MFA solution. In Fireware v12.2 or higher, Mobile VPN with SSL supports AES-GCM. An attacker needs to know only the Firebox IP address and client login credentials to connect.It does not support multi-layer encryption.Mobile VPN with SSL is a secure mobile VPN option, but it is less secure than IPSec-based VPNs because: Firebox Mobile VPN with L2TP Integration with AuthPoint for Azure Active Directory Users.Firebox Mobile VPN with L2TP Integration with AuthPoint.To use AuthPoint with Mobile VPN with L2TP, see: In Fireware v12.5.3 or higher, Mobile VPN with L2TP supports AuthPoint for multi-factor authentication to Active Directory through NPS. AuthPoint, the WatchGuard MFA service, supports MS-CHAPv2 RADIUS authentication. Mobile VPN with L2TP supports multi-factor authentication for MFA solutions that support MS-CHAPv2. Mobile VPN with L2TP also supports certificate-based client authentication in place of the pre-shared key. However, authentication server options are limited to local Firebox authentication and RADIUS. Mobile VPN with L2TP offers a high level of security, which includes multi-layer security. Third-Party IKEv2 VPN Client Integration with AuthPoint.Firebox Cloud Mobile VPN with IKEv2 Integration with AuthPoint for Azure Active Directory Users.Firebox Mobile VPN with IKEv2 Integration with AuthPoint.To use AuthPoint for Mobile VPN with IKEv2, see: Mobile VPN with IKEv2 supports multi-factor authentication for MFA solutions that support MS-CHAPv2.ĪuthPoint is the WatchGuard MFA solution. For more information, see About Elliptic Curve Digital Signature Algorithm (ECDSA) certificates. Your IKEv2 VPN client must also support EC certificates. In Fireware v12.5 or higher, the Firebox supports ECDSA (EC) certificates for Mobile VPN with IKEv2. In Fireware v12.2 or higher, the Firebox supports AES-GCM encryption. For authentication, Mobile VPN with IKEv2 uses EAP and MS-CHAPv2. Certificate-based client authentication is supported instead of a pre-shared key. Mobile VPN with IKEv2 includes multi-layer security, but it is limited to local Firebox authentication and RADIUS. Mobile VPN with IKEv2 offers the highest level of security. SecurityĮach type of Mobile VPN has different security traits. For documentation for Mobile VPN with PPTP, see Fireware Help v11.12.x. For more information, see How do I migrate from PPTP to L2TP before I upgrade to Fireware v12.0? in the WatchGuard Knowledge Base. We recommend that you migrate to a different mobile VPN solution before you upgrade. If your Firebox has Fireware v11.12.4 or lower, Mobile VPN with PPTP is automatically removed from your configuration when you upgrade to Fireware v12.0 or higher. The Mobile VPN with PPTP feature is not available in Fireware v12.0 and higher. You can also configure a client computer to use one or more types of mobile VPNs.īefore you decide which type of Mobile VPN to use, consider your current infrastructure, network policy preferences, and these details: Your Firebox can support all four types of mobile VPNs simultaneously. Fireware supports four types of Mobile VPNs:
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |