Configure Server 2003 VPN through Firebox X500 3

[mikeataos]

We have server 2003 and a Watchguard Firebox X500 firewall. We can't get remote client connections to the server. It always freezes on the verifying user name and password and then displays an error 721 message.It appears to be getting through the firewall? Any help is greatly appreciated.

 

[getTechTonics]

coladmin,
I've followed your instructions and am 99.99% sure I did exactly what you recommended. Still no luck. My only thing I have a question on is at this point:

>nat base external IP 216.xxx
>real base internal IP address 192.xxx

In this window there are a few "interface" options. The default is "External" but there are also these options to choose from in the drop down: "Internal", "Trusted", "IPsec"

Also, in the "Advanced nat settings" window in the Service-based tab it seems like I should have the "Enable service based nat" box checked, is this correct? in my current non-working config it is unchecked.

Thanks again.

 

[coladmin]

external is correct

what type of IP sec traffic are you using?how is your policy rule configured.

you really dont neeed the service based nat

 

[ilisoft]

You must configure Static NAT for each service. Because of how static NAT operates, it is available only for services that use a specified port, which include TCP and UDP. A service that has an other protocol cannot use incoming static NAT. And the NAT button in the Properties dialog box of the service does not work. You also cannot use Static NAT with the Any service. Before you configure static NAT for a service, refer to the FAQ:

https://www.watchguard.com/support/advancedfaqs/nat_outin.asp

This I found in the watchguard help! I have the same problem. Gonna try it.

ilisoft