Solved

No MUVPN on Firebox x500

Posted on 2009-04-06
6
629 Views
Last Modified: 2013-11-16
I have taken over Firebox duties with very little knowlegde.  I would like to setup a mobile VPN.  I have 5 licenses for MUVPN for my Firebox.  When I go to remote user setup in the policy manager, I do not have an MUVPN tab.  Is there an install that must be done to get the tab?  Is there another way to setup a VPN.  I do not understand where to find the settings for the IP address that I need if setting up a connection without the MUVPN.  Any help would be appreciated.
0
Comment
Question by:egalaw
  • 4
  • 2
6 Comments
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24085964
Which version of software you have; you should always be able to see MUVPN tab though you might not be able to add any user if you have not added the license.
If you are running version 7.x of software, then check the software you have is with strong encryption [you can click Help->About].

Policy manager is the only place we can configure anything on X500. If you wish to configure PPTP, in the remote user tab itself [just click Activate button; add virtual IP address and add users].

Please check and update.

Thank you.
0
 

Author Comment

by:egalaw
ID: 24086979
Wizard,
I am running 7.10.  I do not see strong encryption listed anywhere.  I thought I saw that if you wanted strong encryption, it was a separate dowlnoad.  If I go with PPTP, is the virtual IP address, any address or does it need to be in the scope of my network?  Also, would I select Host or Network IP address?  I do not see where you add users in that section.
0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 250 total points
ID: 24087310
The encryption bit defined if the software is strong or not (256-bit is strong). You cannot use other software (56-bit) for VPN, you MUST have strong encryption for configuring VPN [even for PPTP].

You would activate PPTP and provide virtual IP address (it can be in any subnet as you wish for simplicity if you have free or unused IPs on you internal network, provide IP in the same range). Depnding if you wish just one machine or multiple machines to VPN in you would select host IP or network IP.

For creating users, you would go to Setup->Authentication; here you can configure firebox users (you would need to add each user on firebox) or if you have RADIUS already implemented you can use that as well.

Please upgrade to strong encryption and we can then proceed further.

Thank you.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 32

Expert Comment

by:dpk_wal
ID: 24087333
Also, forgot to mention one thing, we would also need to add a service in policy manager to allow traffic from remote users. It can be ANY or specific service per your need.
We would configure it as below:
Incoming "Enabled and Allowed"; from pptp_users or specific user/group; to trusted
Outgoing "Enabled and Allowed"; from trusted; to pptp_users or specific user/group

Thank you.
0
 

Author Comment

by:egalaw
ID: 24140000
Thank youfor the help.  I just got back from vacation so I will have to apologize for not getting back sooner.  I downloaded the latest version with strong encryption.  I then setup a user and it created a wgx file which I then took home and used with the software downloaded from watchguaurd to create a VPN.  I was still unable to create a connection.  Any other ideas?
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 24140061
Can you post few sanitized logs which would help troubleshoot where the settings differ (logs from both client and FB traffic would help).

Please sanitize logs before posting.

Thank you.
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question