Solved

Watchguard and VPN Connection

Posted on 2004-09-01
3
598 Views
Last Modified: 2013-11-16
I have a Watchguard Firebox 1000.  All of my users can connect via VPN to the firebox but cannot browse the network.  Even though I have told the firewall to Authenticate to NT Server and have even gone as far as entering specific users to access the VPN (as opposed to groups).  It is still the same thing.  I don't think the users are authenticating to the server, just the firewall.  So they can view the network, they just cannot access anything on the network.

Please help as I am about ready to throw the firewall in a DEEP lake......
0
Comment
Question by:Cpacifico
3 Comments
 
LVL 12

Expert Comment

by:ColinRoyds
ID: 11983980
If you can open Outlook online over the VPN but not browse the network or share, then enable file and print sharing on the lan/dial up connection on the remote clients
0
 
LVL 2

Accepted Solution

by:
fendermb4 earned 500 total points
ID: 11999164
1.) Setup a user for Firebox Authentication and ignore the NT Server authentication until you can get it working with Firebox Authentication.  As a side note, NT auth doesn't really work, just ask watchguard support ;-) They will tell you to use Radius if you want to auth against a seperate user DB.
2.)  Try to connect with this firebox user.  If you can connect check to see the IP address you are getting when you connect.  Is it on the right network?  If so disconnect and proceed to step 3.
3.)  Add to your "Any" rule to allow incoming from PPTP_Users to Trusted and outgoing from Trusted to PPTP_Users.  
Save the config up and try to connect again.  Connected ok?  Now try pinging.  Is it working?  If so, remove those two rules we created above and add specific rules for the traffic you want to allow in from the PPTP users.  For example, if you want to allow them to use http, pop3, and smtp, you would add pptp_users to your rules for port 80, 110, and 25.  Or, if you aren't concerned with getting that specific right away, just leave them in the any group, which effectively allows any traffic to flow between your VPN users and your trusted network.
0
 

Author Comment

by:Cpacifico
ID: 11999227
Thank you for your help.  It ended up being the ANY service was configured improperly.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question