L2TP Connections through Watchguard Firebox

[16051969SRM]

My Corporate Watchguard Firebox X500 has been updated from version 7.21 to version 8.1. After this update I am unable to connect to any of my customers from behind the Firewall using the L2TP protocol.

When I am in front of the Firewall (connected directly to the Internet) I am able to connect to my customers using the L2tp protocol.

I am puzzled by the behaviour of the Firewall after the update.

The policies I have allowed outgoing IPSEC and outgoing L2TP to are using these ports in version 7.21 and version 8.1:
UDP port 500 and UDP port 4500 for IPSEC.
UDP port 2746 for IPSEC.
UDP port 1701 for L2TP.

On the outgoing tab in version 7.21 I've allowed "Any" to "Any" connections.

In the 8.1 version I've allowed "Any" to "Any" outgoing connections.

Has anybody ever encountered a problem as discribed by me and also solved this problem? Please feel free to share this solution with me.

Thanks in advance,

 

[coladmin]

try using the predefined IP sec rule form the policy manager. What type of entries show up in the logs when you are trying to make these connections?

 

[girishangal]

Hi,

There are lot of differences between 7.1 and 8.1 Outgoing policies.

8.1 Outgoing although any-any it still usage TCP proxy.

Which may creating prooblem for you....... Delete that policy and add new policy "TCP-UDP"With Ports Any-Any

I think This will will sort your problems.