Watchguard Firebox SSL Series, User Manual

Page: 8 / 198

viii WatchGuard SSL VPN Gateway
Enabling session time-out
................................................................................................................ 92
Configuring Web Session Time-Outs
.............................................................................................. 93
Disabling Desktop Sharing ............................................................................................................... 93
Setting Application Options ............................................................................................................. 93
Enabling Split DNS
.............................................................................................................................. 94
Enabling IP Pooling
............................................................................................................................ 94
Choosing a portal page for a group ................................................................................................ 95
Client certificate criteria configuration .......................................................................................... 95
Global policies
..................................................................................................................................... 96
Configuring Resources for a User Group ....................................................................................... 96
Adding Users to Multiple Groups ..................................................................................................... 98
Allowing and denying network resources and application policies ......................................... 98
Defining network resources
.............................................................................................................. 99
Allowing and Denying Network Resources and Application Policies
.....................................100
Application policies ..........................................................................................................................101
Configuring file share resources ....................................................................................................102
Configuring kiosk mode
..................................................................................................................103
End point resources and policies
...................................................................................................104
Configuring an end point policy for a group ...............................................................................105
Setting the Priority of Groups .........................................................................................................106
Configuring Pre-Authentication Policies
......................................................................................107
CHAPTER 7 Creating and Installing Secure Certificates
..........................................................109
Generating a Secure Certificate for the Firebox SSL VPN Gateway ...................................109
Digital Certificates and Firebox SSL VPN Gateway Operation .............................................110
Overview of the Certificate Signing Request
............................................................................110
Password-Protected Private Keys
...................................................................................................110
Creating a Certificate Signing Request .........................................................................................111
Installing a Certificate and Private Key from a Windows Computer ......................................112
Installing Root Certificates on the Firebox SSL VPN Gateway
..................................................112
Installing Multiple Root Certificates
..............................................................................................113
Creating Root Certificates Using a Command Prompt .............................................................113
Resetting the Certificate to the Default Setting ..........................................................................113
Client Certificates ................................................................................................................................114
To require client certificates ............................................................................................................114
Installing Root Certificates .............................................................................................................115
Obtaining a Root Certificate from a CertificateAuthority
........................................................115
Installing Root Certificates on a Client Device
............................................................................115
Selecting an Encryption Type for Client Connections ................................................................115
Requiring Certificates from Internal Connections ...................................................................116
To require server certificates for internal client connections ....................................................116
Wildcard Certificates ..........................................................................................................................116
CHAPTER 8 Working with Client Connections
.............................................................................117
System Requirements ........................................................................................................................117
Operating Systems ...........................................................................................................................117
Web Browsers
....................................................................................................................................117