[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Watchguard Firebox X20e will not allow VPN tunnel to function and will not allow devices to go on line unitl the computer is logged on to the appliance.

Posted on 2008-10-01
1
Medium Priority
?
507 Views
Last Modified: 2008-10-04
We are just installing a Watchguard Firebox X20e.  There are problems with the manual VPN tunnel allowing traffic, and trouble getting on line the first time.  Workstations must log on to the FireBox [do an https://xx.xx.xx.xx and log on to the box.  LOg off again and you can surf the net.
Debit machine cannot communicate because there is not way to log on to the firebox with it.
Both ends of the tunnel can see each other,  The ping packets are seen at the far end of the tunnel, but the answer is rejected to show all packets dropped
0
Comment
Question by:Wilf
1 Comment
 
LVL 32

Accepted Solution

by:
dpk_wal earned 2000 total points
ID: 22621299
I think you have configured authentication option for all users, so all users need to authenticate; log on to configuration page of Edge:
1. From the navigation bar, select Firebox Users > Settings.
2. I think, Require user authentication (enable local user accounts) is checked; here there are few things which can be done:
 a. You can disable the above option; then there would be no user-based control for access to the Internet or VPN tunnels.
 b. Select and check Automatically prompt for login on Web access checkbox; the authentication dialog box launches any time a user who has not yet authenticated tries to get access to the Internet.
 c. Further if you wish to have authentication implemented you can bypass authentication for few device as:
   i, From the navigation bar, select Firebox Users > Trusted Hosts.
   ii. In the Host IP Address text box, type the IP address of the debit machine on your trusted or optional network to allow it to browse the Internet without authentication restrictions.
   iii. Click Add; repeat to add more devices if needed.

For the VPN tunnel; first thing I would check if the IP subnet of the networks behind the devices are same; if yes, you would need to change the subnet at one of the ends.

Please check and update.

Thank you.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question