No MUVPN on Firebox x500

Posted on 2009-04-06
Last Modified: 2013-11-16
I have taken over Firebox duties with very little knowlegde.  I would like to setup a mobile VPN.  I have 5 licenses for MUVPN for my Firebox.  When I go to remote user setup in the policy manager, I do not have an MUVPN tab.  Is there an install that must be done to get the tab?  Is there another way to setup a VPN.  I do not understand where to find the settings for the IP address that I need if setting up a connection without the MUVPN.  Any help would be appreciated.
Question by:egalaw
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
LVL 32

Expert Comment

ID: 24085964
Which version of software you have; you should always be able to see MUVPN tab though you might not be able to add any user if you have not added the license.
If you are running version 7.x of software, then check the software you have is with strong encryption [you can click Help->About].

Policy manager is the only place we can configure anything on X500. If you wish to configure PPTP, in the remote user tab itself [just click Activate button; add virtual IP address and add users].

Please check and update.

Thank you.

Author Comment

ID: 24086979
I am running 7.10.  I do not see strong encryption listed anywhere.  I thought I saw that if you wanted strong encryption, it was a separate dowlnoad.  If I go with PPTP, is the virtual IP address, any address or does it need to be in the scope of my network?  Also, would I select Host or Network IP address?  I do not see where you add users in that section.
LVL 32

Accepted Solution

dpk_wal earned 250 total points
ID: 24087310
The encryption bit defined if the software is strong or not (256-bit is strong). You cannot use other software (56-bit) for VPN, you MUST have strong encryption for configuring VPN [even for PPTP].

You would activate PPTP and provide virtual IP address (it can be in any subnet as you wish for simplicity if you have free or unused IPs on you internal network, provide IP in the same range). Depnding if you wish just one machine or multiple machines to VPN in you would select host IP or network IP.

For creating users, you would go to Setup->Authentication; here you can configure firebox users (you would need to add each user on firebox) or if you have RADIUS already implemented you can use that as well.

Please upgrade to strong encryption and we can then proceed further.

Thank you.
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

LVL 32

Expert Comment

ID: 24087333
Also, forgot to mention one thing, we would also need to add a service in policy manager to allow traffic from remote users. It can be ANY or specific service per your need.
We would configure it as below:
Incoming "Enabled and Allowed"; from pptp_users or specific user/group; to trusted
Outgoing "Enabled and Allowed"; from trusted; to pptp_users or specific user/group

Thank you.

Author Comment

ID: 24140000
Thank youfor the help.  I just got back from vacation so I will have to apologize for not getting back sooner.  I downloaded the latest version with strong encryption.  I then setup a user and it created a wgx file which I then took home and used with the software downloaded from watchguaurd to create a VPN.  I was still unable to create a connection.  Any other ideas?
LVL 32

Expert Comment

ID: 24140061
Can you post few sanitized logs which would help troubleshoot where the settings differ (logs from both client and FB traffic would help).

Please sanitize logs before posting.

Thank you.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question