Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
config watch guard firebox 500 for teleworker
- Thread starter 21785
- Start date
- Status
If this is the box I think it is - it wont work.......
We had a Watch guard (in one of our offices) and the problem we had was that everything talks to the web facing address of the teleworker BUT the watch guard says that all true 'web addresses' go out of the 'internet' port and it wont allow you to send them to the DMZ port for the teleworker. We have also had this at a couple of customer sites as well.
So I have devised a simple solution, which basically involves two parts; the first is a skip and the second is a Cisco PIX.
We have quite a lot of teleworker solutions on Cisco PIXs and they always work great.
SORRY............
We had a Watch guard (in one of our offices) and the problem we had was that everything talks to the web facing address of the teleworker BUT the watch guard says that all true 'web addresses' go out of the 'internet' port and it wont allow you to send them to the DMZ port for the teleworker. We have also had this at a couple of customer sites as well.
So I have devised a simple solution, which basically involves two parts; the first is a skip and the second is a Cisco PIX.
We have quite a lot of teleworker solutions on Cisco PIXs and they always work great.
SORRY............
- Thread starter
- #3
chadmaynard
IS-IT--Management
- Dec 10, 2008
- 3
Does your firebox support 1:1 or One-to-One NAT ? If so remove your current NAT config from the dynamic or inbound NAT config and add a rule with the outbound IP pointing to an IP in your DMZ or LAN. This will NAT not only the incoming packets to your server but also will NAT the outgoing packets to the 1:1 address instead of the primary public IP address. This should take care of your problem. If it doesn't support 1:1 but does support outbound or advanced NAT then reply and I will explain how to configure that. It's been a long time since I worked with a firebox.
- Thread starter
- #5
TheMitelGuy
IS-IT--Management
Do we have any examples of this working? I've even called WG and they have reviewed the TW handbook, yet they can't even figure this out.
RogerStrong
Programmer
- Dec 12, 2008
- 1
I'm connected right now through a Firebox 500. My Mitel 5224 handset connects directly, and Your Assistant connects through the Watchguard Mobile VPN.
I don't have YA set to "Teleworker Mode", but I get the presence information for other users, chat windows, and the pop-up windows for transferring calls, etc.
I'm not even remotely an expert on the Firebox. I just openned the ports that one of the Mitel documents called for - either a YA or a Teleworker handbook.
If this is what you're looking for, I can take a closer look at the setup.
I don't have YA set to "Teleworker Mode", but I get the presence information for other users, chat windows, and the pop-up windows for transferring calls, etc.
I'm not even remotely an expert on the Firebox. I just openned the ports that one of the Mitel documents called for - either a YA or a Teleworker handbook.
If this is what you're looking for, I can take a closer look at the setup.
- Status
Similar threads
- Question