Solved

Watchguard Issues

Posted on 2014-04-12
3
653 Views
Last Modified: 2014-04-13
Hello!
I have a Watchguard XTM 25 and systems on two subnets.  Subnet A is 10.0.0.xxx and Subnet B is 192.168.1.xxx.  From the 10.0.0.xxx I can ping a Windows 2008 R2 server IP on the 192 subnet.  From the 192 subnet, I cannot ping anything on the 10 network.  I can ping the default 192 gateway which is set up as a VLAN on Port 2, and the default gateway for the 192 network is on an HP Procurve 2848 switch (also pingable).

How can I get the Windows 2008 R2 server on the 192 network to talk to the 10 network.

Also, I cannot RDP from the 10 network to the 192 network.  I receive the following error when attempting to RDP:
2014-04-12 20:49:33 Deny 10.0.0.64 192.168.1.244 1900/udp 33895 1900 1-Trusted 2-VLAN 100 Denied 501 63 (Unhandled Internal Packet-00)  proc_id="firewall" rc="101"       Traffic

Any assistance would be appreciated.

Thank you!
0
Comment
Question by:swlaurie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 25

Expert Comment

by:Zephyr ICT
ID: 39997070
Besides possible issues with routing, did you open the necessary ports/holes in the firewall?

e.g:

- Port for Remote Desktop --> 10.x.x >> TCP 3389 >> 192.x.x
- Allow ICMP Echo from 192.x.x on the 10.x.x network
0
 

Author Comment

by:swlaurie
ID: 39997206
Spravtek,
I am a complete noob to the WG line. How would I go about setting the above up?
0
 
LVL 25

Accepted Solution

by:
Zephyr ICT earned 500 total points
ID: 39997259
Well ... Good question, I don't have a WG myself, thought you would be able to get in there and get going ;)

Maybe if you post some screenshots? Can you tell us where exactly you get stuck?

There's an endless amount of possibilities with Firewalls, it can be routing, though I doubt it, it can be that you just need to enable some policies...

For starters, check what policies are enabled: Firewall > Firewall Policies

Try to add a policy from the templates, maybe there's one for Remote Desktop? If not, you could create a policy for port 3389 for example ...

You'll probably need to check the aliases of your network, see which one is trusted and such things...

I don't know what you want to open on the network, is the 10.x.x considered as the outside network or DMZ? ...

Hope this helps you on your way ... I know it's not ideal, it's difficult without eyes on the device/interface :)
0

Featured Post

Enroll in June's Course of the Month

June's Course of the Month is now available! Every 10 seconds, a consumer gets hit with ransomware. Refresh your knowledge of ransomware best practices by enrolling in this month's complimentary course for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial will go through the steps required to write a script that will back up the configuration settings of a HP-ProCurve switch. You will need to get the following things to follow this tutorial: Telnet Scripting Tool e.g. TST10.exe …
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question