Site-to-Site VPN between ISA 2004 standard and WatchGuard firewall
Posted on 2008-10-20
I have created a site to site VPN using PISEC with a preshared key between a ISA server 2004 and a WatchGuard firewall.
When I ping an address behind the WatchGuard firewall I get "negotiating ip security".
On the ISA 2004 I have
- Created a remote site connection pointing to the outside address of the WatchGuard firewall with a pre-shared key.
- Created two network rules to route from and to WatchGuard firewall
- Created access rules on isa 2004 indicating to and from WatchGuard firewall
When I ping an address behind the WatchGuard firewall from the isa 2004 I get "negotiating ip security".When I ping from behind the isa server 2004 I get request timed out.
When I look at the monitoring logs I can see both pings being initiated .When I look at site sessions for the remote site I do not get any indicators that the linl is up between both sites.
Inside address range 192.168.116.0/255.255.255.0
outside address is 184.108.40.206 (mentioned wrong one for security reasons)
Inside address range 192.168.1.0/255.255.255.0
outside address is 220.127.116.11 (mentioned wrong one for security reasons)
FYI - Previously there was Cisco PIX firewall which is DOWN now. So trying to replace it with ISA Server.