[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

VPN connection issue

Posted on 2014-08-21
9
Medium Priority
?
32 Views
Last Modified: 2015-08-10
I have a watchguard XTM_5 Series out of the service contract.  I have 2  ports set up with the same ISP - on side has and address of lets say 10.10.10.5 outside and the other port has 12.12.12.5 - the 10.10.10.5 is going away becuase we were given a new range and the 12.12.12.5 side is staying.  The issue is the 12.12.12.5 side isn't allowing the VPN (L2TP) to connect properly.  Sometimes it works sometimes it doesn't.  I was trying to reconfigure the watchguard to allow for Radius Authentication but I've completely taken that out.  This is when the trouble started.  The strange part is I can connect to the 10.10.10.5 address with the same L2TP connection without an issue.  My though is the can't be the watchguard because regardless of the IP it's going though the same appliance with the same policies.  Can anyone offer any thoughts as to what my issue might be?
0
Comment
Question by:WellingtonIS
  • 6
  • 3
9 Comments
 
LVL 3

Expert Comment

by:TropicalBound
ID: 40276093
A routing issue perhaps?  The connection originates from 12.12.12.5, but perhaps the response is being sent out the 10.10.10.5 port.  Check your routing tables and see which port 0.0.0.0/0 uses.

Have you tried disabling the 10.10.10.5 port for testing purposes?  Disabling the port may rebuild the routing table.
0
 

Author Comment

by:WellingtonIS
ID: 40276111
NO perhaps I will try that.
0
 

Author Comment

by:WellingtonIS
ID: 40276132
I took out the cable from the port and set it back in and still nothing.
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 3

Expert Comment

by:TropicalBound
ID: 40276146
I think you need to disable the port (and leave it disabled until testing is complete).  Just unplugging the cable may not be enough to force a rebuild of the routing table.

Did you check the table to see what port 0.0.0.0/0 is using?
0
 

Author Comment

by:WellingtonIS
ID: 40276161
I"m going to send you my logs with the ip's.  I don't understand them maybe you can help me out.  It's attached.  the only thing that I changed initally was I was trying to add Radius so I was trying to get it to authenticate to my radius server. I've removed it.
watchguardlog1.txt
0
 
LVL 3

Expert Comment

by:TropicalBound
ID: 40277318
Check out this link:

https://www.watchguard.com/support/Fireware_Howto/83/HowTo_MultiWANroutingtable.pdf

Page 5 shows the routing table.  On your Watchguard, make sure the route for 0.0.0.0/0 points to the 12.12.12.x port.
0
 

Author Comment

by:WellingtonIS
ID: 40277333
I don't have this in my status report.  I only have ARP and not Kernel IP routing table
0
 

Accepted Solution

by:
WellingtonIS earned 0 total points
ID: 40286306
Just and update... I think I FINALLY figued out what's wrong.  I just set up a 3rd port with another IP on a different line and it's working - I'm not starting to believe there's something wrong with that line - maybe noise - but I have no way to test for noise.
0
 

Author Closing Comment

by:WellingtonIS
ID: 40922132
this was an issue with the ISP and the line. I had to call the provider
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some of you may have heard that SonicWALL has finally released an app for iOS devices giving us long awaited connectivity for our iPhone's, iPod's, and iPad's. This guide is just a quick rundown on how to get up and running quickly using the app. …
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month19 days, 5 hours left to enroll

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question