Lock Down an End User Profile

You can use the global settings to lock down the end user profile so that users can see some settings but not change them, and hide other settings so that users cannot change them. We recommend that you lock down all profiles so that users cannot make changes to their profiles.

  1. (Fireware v12.3 or higher) Select VPN > Mobile VPN.
  2. In the IPSec section, select Configure.
  3. (Fireware v12.2.1 or lower) Select VPN > Mobile VPN with IPSec.
  4. To give mobile users read-only access to their profiles, select the Make security policies read-only in the WatchGuard Mobile VPN client check box.

Screen shot of the Global Settings for Mobile VPN with IPSec check box

  1. Click Save.
  1. (Fireware v12.3 or higher) Select VPN > Mobile VPN > IPSec.
  2. (Fireware v12.2.1 or lower) Select VPN > Mobile VPN with IPSec.
  3. Click Advanced.
    The Advanced Export File Preferences dialog box appears.

Screen shot of the Advanced Export File Preferences dialog box

  1. To give mobile users read-only access to their profiles, select the Make the security policy read-only in the WatchGuard Mobile VPN with IPSec Client check box.
  2. Click OK.

After you configure this setting, the next time you generate a set of mobile user configuration files, the .ini and .wgx files are locked for the WatchGuard Mobile VPN with IPSec client.