Link to home
Start Free TrialLog in
Avatar of uscost
uscost

asked on

PPTP VPN Radius Watchguard

Replace my 700x using WSG 7.3 with a 750e WSG 10.2 and Firewire. (Not a job for the faint at heart). Rebuilt and working Branch Office Tunnels and  other Policies Except PPTP VPN.

Need to get a few users connecting with PPTP access to our network. This was working on old unit.

Issue: you can connect but most times it takes 10-20 tries.

Nothing special, Raidus (IAS) very default (Even built a new IAS with same results). I spent 10 hrs reading and trying everything on this site and other.

IAS Does not fail to authenticate just nothing then after a bunch or tries it works:
FILTER-ID set to PPTP-Users
AD group = XXXX\pptp users

User xxxxx was granted access.
 Fully-Qualified-User-Name = xxxx.com/User Groups/xxxxxx/xxxxx, Michael
 NAS-IP-Address = 127.0.0.1
 NAS-Identifier = <not present>
 Client-Friendly-Name = Watchguard
 Client-IP-Address = 192.168.128.254
 Calling-Station-Identifier = <not present>
 NAS-Port-Type = <not present>
 NAS-Port = 0
 Proxy-Policy-Name = Use Windows authentication for all users
 Authentication-Provider = Windows
 Authentication-Server = <undetermined>
 Policy-Name = WatchGuard
 Authentication-Type = MS-CHAPv2
 EAP-Type = <undetermined>


Have tried to connect local on port 4100 but get an XML page error (did work a one time):

Invalid at the top level of the document. Error processing resource 'https://192.168.128.254:4100/?action=fw_logon&style=fw...

connect() err


GOOD and FAILED logs attached.

Very confused as to why is works sometimes.


PPTP-LOG.txt
SOLUTION
Avatar of dpk_wal
dpk_wal
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of uscost
uscost

ASKER

Windows 2003.

Logs look the same for various users.

I am confused about the XML error when trying port 4100 internal. As i want to use that for testing between WG and Radius, any clues why that error pops up?


I have a ticket opened with WatchGuard on this (will give them a shot before I start trying other things) and will update.
Not sure; it can be a browser issue; please ensure you have Java enabled and try different browsers just to eliminate browser specific issue.

Please update at your convenience.

Thank you.
Avatar of uscost

ASKER

Tried 3 different PC's IE6, IE7 and Firefox. The connection did work 1 time (I got the Watchguard Red login screen). Not sure what or why this is pulling an error.

Still waiting on WatchGuard.

BTW, dpk wal, issue I had with the old unit (would not show parts of some Web Pages) fixed with new Firewall.

Will continue to update on my issues, if anyone has a thought about the :4100 issue please post.
I think with the newer code of proxy, you might see the improvements. If you notice on 10.x version you get far better control of proxy than in earlier version.

Just to verify you do have Watchguard-Authentication policy in policy manager.

Thank you.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial