Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How I do enable other VPN connections on my Watchguard Firebox X550e

Posted on 2010-08-18
6
Medium Priority
?
1,164 Views
Last Modified: 2013-11-16
Hello,

I have a Watchguard firebox x550e Firewall and I am trying to connect with different VPN companies. I'm trying to connect via Cisco VPN and Juniper Networks.

I can get connected to the vpn but unable to ping any internal IP Address's on the clients network. I know this is a configuration with the Watchguard. if anyone can shed some light I what I am doing wrong or how to fix this that would be great.
0
Comment
Question by:jumpassociates
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 1

Expert Comment

by:mere-mortal
ID: 33473182
Are you trying to establish a site to site network with the WatchGuard

or

Are you trying to connect through the WatchGuard with a VPN client?

Jason
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 33476638
Although you can use other VPN clients, but WG support would not help you unless you use their IPSec client [MUVPN client which is an OEM product from Safenet (also used by Netscreen Secure Remote by Juniper)].

Have a look at link below to configure MUVPN on WG [also client configuration]:
http://watchguard.custhelp.com/app/answers/detail/a_id/2194/kw/muvpn%20with%20ipsec/related/1

If you wish to use PPTP VPN instead, called RUVPN on WG, then look below:
http://watchguard.custhelp.com/app/answers/detail/a_id/1279/kw/vpn/p/214

Thank you.
0
 

Author Comment

by:jumpassociates
ID: 33477153
Hmm..perhaps I need to clarify.
When client of ours come to our office and are behind our firewall, they can connect to their various VPNs with their home offices. Sometimes they use Cisco VPN, sometimes Juniper.
They can always connect with their VPN, but once they are connected, they can't ping their servers or even browse their shares.
Is there something that needs to be done on my firewall (Watchguard) to allow other VPN connections to work while people are behind it?
 
Thanks!
0
Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

 
LVL 32

Expert Comment

by:dpk_wal
ID: 33477438
Most probably when they connect using the VPN client from behind the firewall; the remote VPN is zero route tunnel where all traffic from their adapter is routed over VPN including local network traffic; implementing spli-tunnel VPN tunnels on the remote firewall would solve the problem.

There is no setting required on your end as the firewall is merely internet provider to the clients.

Thank you.
0
 

Author Comment

by:jumpassociates
ID: 33477901
Thanks for the feedback.
I'm trying to zero in on a permanent answer to give to my higher ups. Unfortunately, they connect to a major corporations' VPNs from behind our Watchguard firewall. It used to work last week, but now, after they see "connected" on their Cisco or Juniper client, they cannot browse the shares.
What can I suggest to these outside companies to allow them to browse their shares?
0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 2000 total points
ID: 33481537
Do you have Outgoing policy for allowing all traffic originating on the trust/optional network to go to Untrust network; if yes, then there is no other setting in WG which you can tweak.

Are they able to ping the resources by IP and name; if only IP and not name then it is DNS/WINS issue; have same DNS/WINS IP [secondary] as that of the remote VPN network would resolve the issue.

Are they able to browse to remote resources and use name if on different internet connection [when not behind WG]. If no, then the problem is certainly not with WG.

Frankly, I would not troubleshoot the remote resource connectivity issue as WG has no role to play other than to provide internet connectivity to the clients.
Once the tunnel the up between remote network and VPN client, WG would not be able to inspect any packet that flows through it as it would be encrypted, all WG would do with packet is to forward to ISP and back.

Thank you.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question