Watchguard site to site tunnel Cable modem

Hi Experts,

I am trying to setup a site to site vpn tunnel.

1)2 Identical XTM50 Watchguard firewalls.
3) Internet Lines - Comcast with SMC modems.

I can not bring up the tunnel and I have triple checked the setting on each end it they are identical.

It appeas that the connection is being rejected at the remote site. I am not sure if it is the comcast modems not allwoing the connection and I have contacted them and they do not block IPSec traffic. I do see an option in the modem settings to build site to site, but do not want modems manging this I perfer the watchguards. As any one ever had an issue while using comcast modems?

Thanks
talltreeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
Without having the details, it is hard to say.

First thing is to check the logs on each side to see what is being recorded for the VPN establishment.

Does each watchguard get a public IP?


To avoiding missing the obvious.
Site 1: WAN IP
Site 1: Local LAN1

Site 2: WAN IP
Site 2: Local LAN2

Local LAN1 and Local LAN2 must be unique.

The below is a guide with snapshots
https://kb.meraki.com/knowledge_base/watchguard-xtm-site-to-site-vpn-with-mx-series


Use the following as a guide.

I.e. you could post your data with masquerading the first three octets of the public IPs as well as the passphrase.

http://www.watchguard.com/training/vvpn/VPN_Policies/vpnpoa15.htm
0
dpk_walCommented:
when you say >> connection is being rejected at the remote site
are there any logs to substantiate that remote site is indeed rejecting the packets.

As already mentioned; please post sanitized logs so we know what exactly is happening.

Have a look at link below to ensure that the settings are correct:
http://www.watchguard.com/help/docs/wsm/11_XTM/en-US/index.html#en-US/bovpn/manual/manual_bovpn_fireware-xtm_fireware-xtm_wsm.html%3FTocPath%3DManual%20Branch%20Office%20VPN%20Tunnels|Manual%20BOVPN%20Examples|_____1

Logs can be seen in traffic monitor:
http://www.watchguard.com/help/docs/wsm/11_XTM/en-US/index.html#en-US/fsm/log_msgs_traffic_mon_wsm.html%3FTocPath%3DMonitor%20Your%20Device|Device%20Log%20Messages%20%28Traffic%20Monitor%29|_____0

Please check and update.

Thank you.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.