EddieWr
asked on
PPTP VPN to Watchguard using PPPoE
Help, does anyone know how I can configure a Watchguard X1000 to allow users to connect to the VPN using PPTP where the external IP address is provided using PPPoE?
I have no way to change the external IP to a static address as the ISP in this case (Etisalat in Dubai) do not provide static IP addresses on DSL lines!
I have the X1000 set up with VPN tunnels between the UK branches and the Dubai branch using a dynamic DNS name which the Dubai server updates when the IP address changes and these work OK (most of the time). However if I try to get a mobile user connected the X1000 bloks theincoming packet automatically even though I have incoming VPNport traffic set to allowed. I also cannot access the Remote User setup options to check the settings.
I compared a config file from our X1000 to the one for Dubai and managed to amend the file to give the appropriate IP address options, etc. and also changed "networking.remote_vpn.ppt p.active" from "no" to "yes".
However if I try to save this configuration file back to the X1000 in Dubai it returns an error message saying "PPTP clients are not supported when networking.dynamicip is true".
As mentioned, a static IP address is not an option, but can anyone give me any pointers at all. I am getting my backside kicked about this...
Thanks, Eddie
I have no way to change the external IP to a static address as the ISP in this case (Etisalat in Dubai) do not provide static IP addresses on DSL lines!
I have the X1000 set up with VPN tunnels between the UK branches and the Dubai branch using a dynamic DNS name which the Dubai server updates when the IP address changes and these work OK (most of the time). However if I try to get a mobile user connected the X1000 bloks theincoming packet automatically even though I have incoming VPNport traffic set to allowed. I also cannot access the Remote User setup options to check the settings.
I compared a config file from our X1000 to the one for Dubai and managed to amend the file to give the appropriate IP address options, etc. and also changed "networking.remote_vpn.ppt
However if I try to save this configuration file back to the X1000 in Dubai it returns an error message saying "PPTP clients are not supported when networking.dynamicip is true".
As mentioned, a static IP address is not an option, but can anyone give me any pointers at all. I am getting my backside kicked about this...
Thanks, Eddie
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes, that is correct.
ASKER
Thanks Dpk_wal,
I am out in Dubai next week hopefully so will try that solution. We may even put the smaller firewall back in as this was newer but taken out due to a faulty ISP connection.
Ta, Eddie
I am out in Dubai next week hopefully so will try that solution. We may even put the smaller firewall back in as this was newer but taken out due to a faulty ISP connection.
Ta, Eddie
ASKER
Hi Dpk_wal,\\Just to let you know that I am in Dubai to do an office move and Etisalat decided to provide an ADSL Router instead of an ADSL modem so I was able to implement your suggestion and it appears to be working just fine.
Many thanks for your assitance, Eddie
Many thanks for your assitance, Eddie
ASKER
Thanks for the information, we are running on version 7.4.1.
I guess the simple answer is that we cannot do it unless we put a router betweenthe ISP connection and the Watchguard?
Regards, Eddie