Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

FireBox III 1000 VPN and Throughput (two different questions)

Status
Not open for further replies.
IAmKarl

IAmKarl

Instructor
Dec 13, 2002
25
US
Question for anyone here, I have afew Firebox III 1000's in different locations and am having this problem all over, I cant seem to get my throughput right........ On HTTP connections i can only get 60~70 KBPS and i have a wirespeed of 512K, there is no other trafic on the line, and if i plug a machine right into my router on the other side of the firebox, i can get 200K + from the same site....... and im wondering if anyone knows how to speed up the throughput? Also, VPN, I have inter office VPN's working fine and dandy.. but I want to have remote user, So I installed Remote User VPN and have it configured (50 licenses), I have added a user to the firebox, made sure the firebox authethentication is on, configured the remote user vpn screen with a user, and have him all set up, installed a vpn client on a machine at home, and i loaded my policy....... and hit connect, (and btw, i made sure that all ports that i need for ipsec usage are open) and it fails, in the log it tries to connect three times, and fails each time. The watchguard box makes no mention of it at all in the logs, either the attempts or the failures. (and i made sure i could talk to it, by using another box sitting right next to it on the outside and trying to connect to all of those ports, which i forwarded to different things (http server, telnet, ftp) and they all worked fine, so i know i can use ports 50,51,500 Any clues why this may be happening, or what i could be missing?

Thank you! Karl P
 
Sort by date Sort by votes
What version of the Watchguard Software are you running?
Are you using filtered HTTP or proxied HTTP?
How are you measuring throughput?

How are you authenticating your VPN connection.

I've found a much more reliable authentication method and one that doesn't involve changing the policy each time you want to add a user is to set up an extended authentication group to authentication against an NT domain or RADIUS server
 
Upvote 0 Downvote
Im using Version 6.1..... But the throughput issue was oddly enough related to my main dns servers having some issues with being slow to resolve (Go Figure?) My provider was aware of this, and replaced there main resolvers and cleared that issue up, as to why that effect the boxes so seriously is beyond me.

but as a note I am using Filtered HTTP

As for the VPN, while all the ports are open and correct, the old router we were using all over the place, was for some reason not allowing the IPSec stream to pass, but would allow all the individual ports to work fine, *shrugs* wierdness, new router(x4) latter were in good shape.

and as for the remote user auth, i have played with it, and for the limited amount of people we want to use the VPN, firebox Auth suits us best.

Thanks for all your help! - If anyone has any Q's on this box, i know it pretty well by now lol :eek:)

Karl P
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
722
Sameer258
Sameer258
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
605
intel233
intel233
ISDPCMAN
  • Locked
  • Question
RDP fails over VPN
Replies
1
Views
214
gkittelson
gkittelson
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
746
Shmid
Shmid
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
163
WhosYourDiffie
WhosYourDiffie

Part and Inventory Search

Sponsor

Back
Top