Solved

Watchguard and VPN Connection

Posted on 2004-09-01
3
595 Views
Last Modified: 2013-11-16
I have a Watchguard Firebox 1000.  All of my users can connect via VPN to the firebox but cannot browse the network.  Even though I have told the firewall to Authenticate to NT Server and have even gone as far as entering specific users to access the VPN (as opposed to groups).  It is still the same thing.  I don't think the users are authenticating to the server, just the firewall.  So they can view the network, they just cannot access anything on the network.

Please help as I am about ready to throw the firewall in a DEEP lake......
0
Comment
Question by:Cpacifico
3 Comments
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11983980
If you can open Outlook online over the VPN but not browse the network or share, then enable file and print sharing on the lan/dial up connection on the remote clients
0
 
LVL 2

Accepted Solution

by:
fendermb4 earned 500 total points
ID: 11999164
1.) Setup a user for Firebox Authentication and ignore the NT Server authentication until you can get it working with Firebox Authentication.  As a side note, NT auth doesn't really work, just ask watchguard support ;-) They will tell you to use Radius if you want to auth against a seperate user DB.
2.)  Try to connect with this firebox user.  If you can connect check to see the IP address you are getting when you connect.  Is it on the right network?  If so disconnect and proceed to step 3.
3.)  Add to your "Any" rule to allow incoming from PPTP_Users to Trusted and outgoing from Trusted to PPTP_Users.  
Save the config up and try to connect again.  Connected ok?  Now try pinging.  Is it working?  If so, remove those two rules we created above and add specific rules for the traffic you want to allow in from the PPTP users.  For example, if you want to allow them to use http, pop3, and smtp, you would add pptp_users to your rules for port 80, 110, and 25.  Or, if you aren't concerned with getting that specific right away, just leave them in the any group, which effectively allows any traffic to flow between your VPN users and your trusted network.
0
 

Author Comment

by:Cpacifico
ID: 11999227
Thank you for your help.  It ended up being the ANY service was configured improperly.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now