bdsstep
asked on
Watchguard Mobile User VPN Dns Not Working
I have an older Watchguard 1000 Firebox, using WSM 7.4..and Mobile User VPN Lite for the Clients.. i am trying to configure the MUVPN Clients to use the gateway on the firebox because they need to access Branch Office VPN. i am able to ping Public Ip Addresses, but it appears that DNS is not working as i cannot resolve anything by name. where does this client get it's DNS Information from.. i have our ISP's DNS configured in the Network Configuration on the firewall.. Thanks in Advance
ASKER
I am using WSM 8.2, it does not have a VPN option from the toolbar.. i did install a newer version of the Mobile User VPN Client and the internet worked fine.. but i like the MUVPN Lite alot better and would like to get it working..
As you have configured public DNS server addresses, your remote clients would not get any DNS server info.
Do you have an internal DNS server running behind WG [or even WINS]; if yes, put this server IP address as secondary DNS in the policy manager. If you do not have any DNS server running then I do not think on the local LAN behind WG there is any name resolution happening.
You best bet in this case would be to manually add names in the .hosts file on the local remote machine.
For MUVPN users to access BOVPN, you should either have the remote site configured as allowed resources and then policy which allows traffic; or configure all traffic uses tunnel [default or zero route tunnel option].
Please let know if you need more details.
Thank you.
Do you have an internal DNS server running behind WG [or even WINS]; if yes, put this server IP address as secondary DNS in the policy manager. If you do not have any DNS server running then I do not think on the local LAN behind WG there is any name resolution happening.
You best bet in this case would be to manually add names in the .hosts file on the local remote machine.
For MUVPN users to access BOVPN, you should either have the remote site configured as allowed resources and then policy which allows traffic; or configure all traffic uses tunnel [default or zero route tunnel option].
Please let know if you need more details.
Thank you.
ASKER
I had the firewall set to our internal DNS Server Originally, and it did not work.. the BOVPN is working fine, it is just the internet.. i cannot resolve anything by name.. I am able to type the IP into a web browser and the web page will load. I have used the Microsoft VPN client and a newer version of the MUVPN client and they both seem to work fine, the problem just appears to be with the MUVPN LITE client.
You mean you have tried different software version on the same machine; or for same user on two different machines you have tried MUVPN lite and newer version software.
Please provide more details.
Thank you.
Please provide more details.
Thank you.
ASKER
Same User on the Same machine..
Microsoft VPN Client works fine using default gateway on remote network,
and i installed a new version of the Mobile User VPN Client (10.04) and it seems to work fine as well. I just prefer the Mobile user VPN Lite because it just seemed to work better, it runs as a service instead of an application. it automatically connects when the service starts.
Microsoft VPN Client works fine using default gateway on remote network,
and i installed a new version of the Mobile User VPN Client (10.04) and it seems to work fine as well. I just prefer the Mobile user VPN Lite because it just seemed to work better, it runs as a service instead of an application. it automatically connects when the service starts.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your assistance.. i will just force myself to use the newer client..
The Mobile VPN with SSL Advanced tab page appears.
Type the primary and secondary addresses for the WINS and DNS servers. You can also type a domain suffix in the Domain Name text box for a client to use with unqualified names.
Click Submit.
The next time an SSL client computer authenticates to the Firebox, the new settings are applied to the connection.
See attached.. hope it helps.
Name-resolution-for-Mobile-VPN.pdf