How I do enable other VPN connections on my Watchguard Firebox X550e

Hello,

I have a Watchguard firebox x550e Firewall and I am trying to connect with different VPN companies. I'm trying to connect via Cisco VPN and Juniper Networks.

I can get connected to the vpn but unable to ping any internal IP Address's on the clients network. I know this is a configuration with the Watchguard. if anyone can shed some light I what I am doing wrong or how to fix this that would be great.
jumpassociatesAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

mere-mortalCommented:
Are you trying to establish a site to site network with the WatchGuard

or

Are you trying to connect through the WatchGuard with a VPN client?

Jason
0
dpk_walCommented:
Although you can use other VPN clients, but WG support would not help you unless you use their IPSec client [MUVPN client which is an OEM product from Safenet (also used by Netscreen Secure Remote by Juniper)].

Have a look at link below to configure MUVPN on WG [also client configuration]:
http://watchguard.custhelp.com/app/answers/detail/a_id/2194/kw/muvpn%20with%20ipsec/related/1

If you wish to use PPTP VPN instead, called RUVPN on WG, then look below:
http://watchguard.custhelp.com/app/answers/detail/a_id/1279/kw/vpn/p/214

Thank you.
0
jumpassociatesAuthor Commented:
Hmm..perhaps I need to clarify.
When client of ours come to our office and are behind our firewall, they can connect to their various VPNs with their home offices. Sometimes they use Cisco VPN, sometimes Juniper.
They can always connect with their VPN, but once they are connected, they can't ping their servers or even browse their shares.
Is there something that needs to be done on my firewall (Watchguard) to allow other VPN connections to work while people are behind it?
 
Thanks!
0
Top Threats of Q1 & How to Defend Against Them

WEBINAR: Join WatchGuard CTO and our Threat Research Team on Aug. 2nd to hear the findings from our Q1 Internet Security Report! Learn more about the top threats detected in the first quarter and how you can defend your business against them!

dpk_walCommented:
Most probably when they connect using the VPN client from behind the firewall; the remote VPN is zero route tunnel where all traffic from their adapter is routed over VPN including local network traffic; implementing spli-tunnel VPN tunnels on the remote firewall would solve the problem.

There is no setting required on your end as the firewall is merely internet provider to the clients.

Thank you.
0
jumpassociatesAuthor Commented:
Thanks for the feedback.
I'm trying to zero in on a permanent answer to give to my higher ups. Unfortunately, they connect to a major corporations' VPNs from behind our Watchguard firewall. It used to work last week, but now, after they see "connected" on their Cisco or Juniper client, they cannot browse the shares.
What can I suggest to these outside companies to allow them to browse their shares?
0
dpk_walCommented:
Do you have Outgoing policy for allowing all traffic originating on the trust/optional network to go to Untrust network; if yes, then there is no other setting in WG which you can tweak.

Are they able to ping the resources by IP and name; if only IP and not name then it is DNS/WINS issue; have same DNS/WINS IP [secondary] as that of the remote VPN network would resolve the issue.

Are they able to browse to remote resources and use name if on different internet connection [when not behind WG]. If no, then the problem is certainly not with WG.

Frankly, I would not troubleshoot the remote resource connectivity issue as WG has no role to play other than to provide internet connectivity to the clients.
Once the tunnel the up between remote network and VPN client, WG would not be able to inspect any packet that flows through it as it would be encrypted, all WG would do with packet is to forward to ISP and back.

Thank you.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.