We're trying to set up MUVPN clients so that people can use their laptops both in the office and while they're at home. However, this has proved to be difficult.
We tried to set up policy configuration partially locked, so that users could only edit their "My Identity" information in the client. When we loaded the client and imported the security policy, they stopped being able to access the router. At all. They were firewalled completely out of the LAN. Their laptops couldn't even ping the router.
This behavior does *not* appear if you enter the client's information instead of importing the profile. Even if they can't connect a VPN to the network (because it's set up to access the Watchguard from the outside), they can still access the router and even get online.
I've tried setting up two seperate accounts, one for a secure VPN inside the office... for all of 20 feet of the Ethernet... the other account for outside. That doesn't work either.
I can't find anything about this in Watchguard MUVPN Client Setup documentation. Does anyone have any ideas?