Administration Guide 123
Connecting from a Private Computer
An email template is provided that includes the information discussed in this section. The template is
available from the Downloads page of the Administration Portal. WatchGuard recommends that you
customize the text for your site and then send the text in an email to users.
When the Secure Access Client is loaded, users are prompted to log on to the Firebox SSL VPN Gateway
to establish the connection. The Firebox SSL VPN Gateway administrator determines the type of authen-
tication using the Authentication tab of the Firebox SSL VPN Gateway Administration Tool, as
described in “Configuring Authentication and Authorization” on page 61.
If double-source authentication is configured on the Firebox SSL VPN Gateway, and the users are log-
ging on using full access, they type their user name and passwords for each type of authentication. For
example, users are configured to use LDAP authentication and RSA SecurID. They would type their pass-
word, their RSA SecurID personal identification number (PIN), and RSA SecureID code. For more informa-
tion about logging on using double-source authentication, see “Double-source Authentication Portal
Page” on page 43.
Note
If you are using the Linux Client, the connection window will not include the options described in the
following procedure.
The Secure Access Client is installed the first time the user logs on to the portal Web page.
To log on to the Firebox SSL VPN Gateway
1 In the Firebox SSL Secure Access dialog box, enter the logon credentials.
If the Firebox SSL VPN Gateway is configured with more than one authentication realm and you
need to connect to a realm other than the Default, enter the realm name before your user name
(realmName\userName).
If your site uses RSA SecurID authentication, your password is your PIN plus the RSA SecurID token.
2 If the Firebox SSL VPN Gateway requires double-source authentication, type the user name and the
password for each authentication type.
The Secure Access Client dialog box showing double-source authentication
Note
When a user logs on, the authentication is checked in the order that is configured in the realm. If the
user log on fails the primary authentication, the secondary authentication is not checked.
3 If you are behind a proxy server, right-click the dialog box and then click Advanced Options.