How to allow VPN access to the optional network

Posted on 2007-10-12
Last Modified: 2013-11-16
I have a WatchGuard Firebox X500 with firmware 8.3 installed.

The LAN network is 172.18.19.x
I have set up a DMZ on the optional network with an address of 192.168.1.x

I have created a VPN policy for remote users.

The users can connect to the local LAN via the VPN, but are unable to browse the DMZ (optional network).

How can I get the remote users to be able to access both networks?
Question by:Codestone

    Accepted Solution

    By default a user would be able to access only one subnet. To have access to the optional network, you would need to do one of two things:

    - Configure the VPN user with the "Yes, force all internet traffic to flow through the tunnel (less flexible, more secure)" option. With this option all the user's traffic would come to the WG, even internet traffic [this might cause a problem at the user end, in that they might not be able to connect to the intranet at all or might not be connected to the internet for the duration they are connected to the VPN]; OR
    - Specify the subnet of the optional network under "Identify the resources accessible through the tunnel" in the VPN wizard.

    Please note you might need to allow traffic from the trusted to optional network and vice-versa.

    Please implement and update.
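
A way to sanity-check the tunnel resource list before touching the Firebox, as an added example that is not part of the original answer and is not WatchGuard code. It goes one step beyond the answer by also flagging a remote user's own LAN that overlaps a wanted subnet, which matters here because 192.168.1.x is a common default range on home routers. The /24 masks, the function name `audit_tunnel` and the sample client LANs are assumptions.

```python
import ipaddress

# Subnets from the question; the /24 masks are an assumption (the post only says ".x").
TRUSTED = "172.18.19.0/24"
OPTIONAL = "192.168.1.0/24"

def audit_tunnel(resources, wanted, client_lan, force_all=False):
    """Classify each wanted subnet for a remote VPN client (hypothetical helper).

    resources  -- subnets listed as reachable through the tunnel
    wanted     -- subnets the remote users must reach
    client_lan -- subnet the user is sitting on (home router, hotel, ...)
    force_all  -- True models the "force all traffic through the tunnel" choice
    Returns {subnet: "routed" | "not-routed" | "conflict"}.
    """
    nets = [ipaddress.ip_network(r) for r in resources]
    lan = ipaddress.ip_network(client_lan)
    report = {}
    for w in wanted:
        target = ipaddress.ip_network(w)
        if target.overlaps(lan):
            # Same range on both ends of the tunnel: from the client's side it is
            # ambiguous whether an address is the DMZ host or a local machine.
            report[w] = "conflict"
        elif force_all or any(target.subnet_of(n) for n in nets):
            report[w] = "routed"
        else:
            # Split tunnel without this subnet: traffic leaves via the user's
            # own gateway and never reaches the firewall.
            report[w] = "not-routed"
    return report

if __name__ == "__main__":
    # Constructed client LANs: one that clashes with the DMZ range, one that does not.
    for lan in ("192.168.1.0/24", "10.20.30.0/24"):
        for res in ([TRUSTED], [TRUSTED, OPTIONAL]):
            print(lan, res, audit_tunnel(res, [TRUSTED, OPTIONAL], lan))
```

A "routed" result only means the client sends the traffic into the tunnel; the firewall policy still has to allow it, as the answer notes.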
