Technical Support

Need help?

 

What is Secure VPN and how to configure it in Aether products

Information applies to:

Products
Panda Adaptive Defense 360
Panda Adaptive Defense 360 on Aether Platform
Panda Adaptive Defense on Aether Platform

The security configuration for VPN connections provides an extra layer of security in the connections established between remote user computers and corporate networks through VPN.

The computer that wants to connect to the network through VPN must meet a number of conditions for the Firebox to allow access. If you do not comply, access will be denied.

The agent installed on the computer is responsible for gathering and sending the information that the Firebox needs to perform the checks.

For more information about the Firebox and its VPN connection settings, see https://www.watchguard.com/help/docs/help-center/es-xl/Content/en-US/Fireware/services/tdr/tdr_host_sensor_enforcement.html

Requirements
Before you can use security protection for VPN connections with the Firebox, your computer must meet the following requirements:

  • Have the protection installed and active.
  • Have a valid account ID and authentication key.
  • Operating system: Windows 8.1 or higher and macOS High Sierra 10.13 or higher.
  • Ports: For the security protection for VPN connections to work properly, the agent installed on the computer requires port 33000 for its communication with the Firebox.
  • Activated and running advanced hardening or lock mode protection.
  • Activated and running antivirus protection is considered valid.

Secure VPN connections is not supported on Linux and macOS operating systems. When you enable this functionality, computers running these operating systems or versions earlier than Windows 8.1 will not be able to connect to the VPN.

Requirements check
When the computer tries to connect to the corporate network through a VPN, the Firebox performs the following actions:

  • TDR host sensor enforcement on the Firebox is enabled.
    • Record the host sensor enforcement unique identifier (UUID) and authentication key.
  • Requests information about the status of the protection installed on the computer.
  • Check that the account UUID and authentication key are valid. Both are available in the configuration of the Firebox that is used to connect to the VPN.
  • Confirm that the computer's operating system is valid, contrasting it with the ones configured.
  • Computers you want to enable Secure VPN for have endpoint protection installed and running with Advanced Protection in hardening or lock mode or Antivirus is enabled.
If all checks are positive, the Firebox will allow the computer access to the corporate network through the VPN; otherwise, it will not allow it.

By default, computers have security compliance enforcement turned on to connect to VPN through the Firebox.

Access to security settings for VPN connections
To turn on security for VPN connections, follow these steps:
  1. Click Network Services in the side menu.
  2. In the top tab menu, click VPN Security.

  3. To turn protection on, turn on the slider.
  4. Enter the UUID of the account and the authentication key.
  5. Click the Save Changes button.
+ Configure Secure VPN on the Firebox - Configure Secure VPN on the Firebox

Until the release of Fireware v12.9, you configure secure VPN for the Firebox with the TDR host sensor enforcement settings in Fireware Web UI or Policy Manager.



For information on how to configure host sensor enforcement on the Firebox, see Configure TDR Host Sensor Enforcement in Help Center.
Help nº- 20221102 700130 EN

Have you resolved your query with this article?

yes no

Thanks for your answer


Why didn't you find it helpful?


The instructions are too complex.
The instructions are too long.
The instructions don't work.
I'd rather have a video.
Other reasons.




Talk to a technician!

 

Business hours: Mondays-Fridays 9:00 to 18:00 CET

Outside business hours, please use the online form.





ALWAYS ONLINE TO HELP YOU TWITTER FORUM CHAT
ALWAYS ONLINE TO HELP YOU TWITTER FORUM CHAT

Hello!

You’re about to visit our web page in English
Would you like to continue?

Yes, I want to visit the web page in English No, I want to visit the web page in

If this is not what you’re looking for,

Visit our Welcome Page!