PredatorGR
asked on
How to share a \\NAS Lacie drive to all users connected via MUVPN in Firebox?
Hi,
I am currently trying to share a NAS drive over mobile users connected via VPN to my Firebox x1250e running the latest Fireware 10.1 with the latest version of the MUVPN application (users' side).
My setup is as follows:
a) Modem/Router connected to external interface of x1250e double NATing due to stupidity of my ISP. (cannot change that).
b) All my company's PCs are connected to the Trusted interface of the x1250e, including the LACIE big ethernet rack, via a Linksys 24 switch, and all users can access it when typing \\NAS in the address bar.
c) All mobile VPN users can connect to my Firebox without any issues at all.
d) The policy "Any" is set up in the "Mobile VPN with IPsec" tab in my Policy Manager so all ports are open.
Trusted interface IP block is 192.168.2.1 subnet 255.255.255.0,
External interface IP block is 192.168.1.2 255.255.255.0 Gateway 192.168.1.1 (taken from modem/router). All IPs are static, only the MUVPN gives out DHCP IPs in range 192.168.10.1 to 192.168.10.100
Questions:
#1. How can I make all users able to access this NAS drive?
#2. Is the "Any" policy in my Policy Manager only for ports, or for both ports and protocols?
#3. When creating the Groups/Users I set up as a resource my Win 2003 R2 server's IP, which is 192.168.2.2, as a Host IP. Is this correct? When I do this I can ping all connected users (and vice versa) ONLY from this machine.
#5. What must I do in order to see EVERYTHING behind the Firebox when I am connected via VPN to my Firebox?
#6. As said above, only my server can ping the users. How can I make everybody able to ping each other? I want, for example, to establish an RDP connection between users connected via VPN to my Firebox (not from my server, but between them).
It's a little bit confusing to me. I've read FAQs and manuals, but no luck at all.
Thanks in advance.
ASKER
Thanks dpk_wal for the solution that you provided me. Everything is OK now!!
The only problem I have is that I cannot access my NAS by entering \\NAS but only through its IP. I know that this is a DNS issue, I will fix it.
Thanks again!
ASKER
I really thank you!!! :)
You are welcome!
For DNS there are two things you can do:
1. If you have an internal DNS server sitting behind WG, then configure DNS on WG, so your client would get DNS settings along with the virtual IP address; this should help in name resolution. Also, you can yourself put the secondary DNS as the remote server on the NIC itself.
2. If the above does not work, then you can edit the hosts file on the client machine from where you are initiating the MUVPN client session [%windir%\system32\drivers\etc\hosts]; this can be a tedious process if you have to make multiple entries in the file, but it is a sure shot and a one-time process!
Regards
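
An added example, not part of the original thread: option 2 above (a hosts entry on the MUVPN client) done idempotently from an elevated PowerShell prompt. It assumes a current Windows client with the built-in DnsClient and NetTCPIP cmdlets; the NAS address is a constructed placeholder because the thread never states it, and the subnet check uses the trusted network 192.168.2.0/24 from the question.

```powershell
# Added example: pin \\NAS to its trusted-side address on a Mobile VPN client.
# Run elevated; the hosts file is writable by administrators only.
param(
    [string]$NasName = 'NAS',
    [string]$NasIp   = '192.168.2.50'   # constructed placeholder, replace with the real NAS IP
)

$hostsPath = Join-Path $env:windir 'System32\drivers\etc\hosts'

# 1. Refuse anything outside the trusted subnet 192.168.2.0/24 given in the question,
#    so a typo cannot point the share name at an unrelated host.
$octets = [System.Net.IPAddress]::Parse($NasIp).GetAddressBytes()
if ($octets[0] -ne 192 -or $octets[1] -ne 168 -or $octets[2] -ne 2) {
    throw "$NasIp is not inside 192.168.2.0/24"
}

# 2. If the name already resolves to the expected address, leave the file alone.
$current = $null
try {
    $current = [System.Net.Dns]::GetHostAddresses($NasName) |
        Where-Object AddressFamily -eq 'InterNetwork'
} catch { }
if ($current -and ($current.IPAddressToString -contains $NasIp)) {
    Write-Output "$NasName already resolves to $NasIp"
    return
}

# 3. Back up the file, drop any stale single-name line for this host, append one entry.
$pattern = "^\s*\S+\s+$([regex]::Escape($NasName))\s*(#.*)?$"
$kept = @(Get-Content -LiteralPath $hostsPath | Where-Object { $_ -notmatch $pattern })
Copy-Item -LiteralPath $hostsPath -Destination "$hostsPath.bak" -Force
Set-Content -LiteralPath $hostsPath -Value ($kept + "$NasIp`t$NasName") -Encoding ASCII

# 4. Verify through the tunnel: the name resolves and SMB (TCP 445) answers.
Clear-DnsClientCache
$check = Test-NetConnection -ComputerName $NasName -Port 445 -WarningAction SilentlyContinue
'{0} -> {1}, SMB reachable: {2}' -f $NasName, $check.RemoteAddress, $check.TcpTestSucceeded
```

A hosts entry goes stale silently if the NAS is ever readdressed, so option 1 (DNS settings handed out with the virtual IP) remains the easier one to maintain across many clients.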
ASKER
Thanks for your support, everything is running smoothly now!