Solved

No MUVPN on Firebox x500

Posted on 2009-04-06
6
620 Views
Last Modified: 2013-11-16
I have taken over Firebox duties with very little knowlegde.  I would like to setup a mobile VPN.  I have 5 licenses for MUVPN for my Firebox.  When I go to remote user setup in the policy manager, I do not have an MUVPN tab.  Is there an install that must be done to get the tab?  Is there another way to setup a VPN.  I do not understand where to find the settings for the IP address that I need if setting up a connection without the MUVPN.  Any help would be appreciated.
0
Comment
Question by:egalaw
  • 4
  • 2
6 Comments
 
LVL 32

Expert Comment

by:dpk_wal
Comment Utility
Which version of software you have; you should always be able to see MUVPN tab though you might not be able to add any user if you have not added the license.
If you are running version 7.x of software, then check the software you have is with strong encryption [you can click Help->About].

Policy manager is the only place we can configure anything on X500. If you wish to configure PPTP, in the remote user tab itself [just click Activate button; add virtual IP address and add users].

Please check and update.

Thank you.
0
 

Author Comment

by:egalaw
Comment Utility
Wizard,
I am running 7.10.  I do not see strong encryption listed anywhere.  I thought I saw that if you wanted strong encryption, it was a separate dowlnoad.  If I go with PPTP, is the virtual IP address, any address or does it need to be in the scope of my network?  Also, would I select Host or Network IP address?  I do not see where you add users in that section.
0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 250 total points
Comment Utility
The encryption bit defined if the software is strong or not (256-bit is strong). You cannot use other software (56-bit) for VPN, you MUST have strong encryption for configuring VPN [even for PPTP].

You would activate PPTP and provide virtual IP address (it can be in any subnet as you wish for simplicity if you have free or unused IPs on you internal network, provide IP in the same range). Depnding if you wish just one machine or multiple machines to VPN in you would select host IP or network IP.

For creating users, you would go to Setup->Authentication; here you can configure firebox users (you would need to add each user on firebox) or if you have RADIUS already implemented you can use that as well.

Please upgrade to strong encryption and we can then proceed further.

Thank you.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 32

Expert Comment

by:dpk_wal
Comment Utility
Also, forgot to mention one thing, we would also need to add a service in policy manager to allow traffic from remote users. It can be ANY or specific service per your need.
We would configure it as below:
Incoming "Enabled and Allowed"; from pptp_users or specific user/group; to trusted
Outgoing "Enabled and Allowed"; from trusted; to pptp_users or specific user/group

Thank you.
0
 

Author Comment

by:egalaw
Comment Utility
Thank youfor the help.  I just got back from vacation so I will have to apologize for not getting back sooner.  I downloaded the latest version with strong encryption.  I then setup a user and it created a wgx file which I then took home and used with the software downloaded from watchguaurd to create a VPN.  I was still unable to create a connection.  Any other ideas?
0
 
LVL 32

Expert Comment

by:dpk_wal
Comment Utility
Can you post few sanitized logs which would help troubleshoot where the settings differ (logs from both client and FB traffic would help).

Please sanitize logs before posting.

Thank you.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

Some of you may have heard that SonicWALL has finally released an app for iOS devices giving us long awaited connectivity for our iPhone's, iPod's, and iPad's. This guide is just a quick rundown on how to get up and running quickly using the app. …
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now