If this is the box I think it is - it wont work.......
We had a Watch guard (in one of our offices) and the problem we had was that everything talks to the web facing address of the teleworker BUT the watch guard says that all true 'web addresses' go out of the 'internet' port and it wont allow you to send them to the DMZ port for the teleworker. We have also had this at a couple of customer sites as well.
So I have devised a simple solution, which basically involves two parts; the first is a skip and the second is a Cisco PIX.
We have quite a lot of teleworker solutions on Cisco PIXs and they always work great.
Does your firebox support 1:1 or One-to-One NAT ? If so remove your current NAT config from the dynamic or inbound NAT config and add a rule with the outbound IP pointing to an IP in your DMZ or LAN. This will NAT not only the incoming packets to your server but also will NAT the outgoing packets to the 1:1 address instead of the primary public IP address. This should take care of your problem. If it doesn't support 1:1 but does support outbound or advanced NAT then reply and I will explain how to configure that. It's been a long time since I worked with a firebox.
I'm connected right now through a Firebox 500. My Mitel 5224 handset connects directly, and Your Assistant connects through the Watchguard Mobile VPN.
I don't have YA set to "Teleworker Mode", but I get the presence information for other users, chat windows, and the pop-up windows for transferring calls, etc.
I'm not even remotely an expert on the Firebox. I just openned the ports that one of the Mitel documents called for - either a YA or a Teleworker handbook.
If this is what you're looking for, I can take a closer look at the setup.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.