Solved

Mobile VPN IPSEC Watchguard UTM for IOS Devices

Posted on 2016-11-16
Last Modified: 2016-11-26
I have an XTM535 and I tried to set up a mobile IPsec tunnel to replace the no longer supported PPTP tunnel for iOS 10 for my iPad, but even when I see the user connected I cannot reach any machines in the network, and when I go to the WSM there are no packets sent.

My config is
Phase 1 SHA1 and 3DES, key group 2
Phase 2 SHA1 and 3DES without PFS
Force all traffic to any-external and 0.0.0.0/0
Question by:tonzur40
4 Comments
 
LVL 32

Expert Comment

by:dpk_wal
ID: 41894692
Have you configured a policy which would allow traffic from remote client to protected resources; something like below:
from mvpn-users; to trusted or specific resources

Please check and update.

Thank you!
 

Author Comment

by:tonzur40
ID: 41898196
Yes I did

Thanks
 
LVL 32

Accepted Solution

by:
dpk_wal earned 500 total points
ID: 41898707
In the policy, I am assuming the user in question is part of the ipsecgroup. If implementing a default route tunnel, the remote user should have internet connectivity.
If you want this user to have access to machines on the trusted interfaces, then add any-trusted as well.

Thank you!
 

Author Closing Comment

by:tonzur40
ID: 41902682
In a second review after reading your post, I noticed the user was not added to the ipsecgroup.

Thanks a lot
