Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

MUVPN Firebox 1000 - cannot get it to work

Status
Not open for further replies.

rhardy99

MIS
Dec 19, 2003
21
US
I must be an idiot!! I am setting up my VPN using a shared secret. My client gets both Phase1 and 2 to pass. But, I cannot ping or map a drive or anything with my client. The WG shows the client has established a tunnel. I have the ANY service created with ipsec_user having full access. I have read & reread the setup for creating my VPN but for some reason I am pounding my head agaist the wall. I have setup VPN with other appliances like NetScreen but WG is really kicking my butt. I am really hoping someone can help me, I can post log info or whatever is needed.
Basic info:
I have 1 external IP (let's call it 65.65.65.170/30)
My internal IP range is 192.168.1.0/24
My client gets an IP of 192.168.1.99 (local subnet shows 255.255.255.255 on CONN. MONITOR instead of 255.255.255.0)not sure if this is a big deal???
Ping-Cannot ping anything from client to work & work to client.
So, I can see my tunnel being created but something is blocking my communicating with my internal work network.
Authentication-using Firewall (tried using NT Server=same result)
Thanks for anyone who can take the time to help me!
Russ
 
What is your other endpoint? A muvpn user (software) or another appliance? What do you have the ping service set to on the FB?

AM
 
Client is using MUVPN. They also have a software firewall (which I have even tried disabling during some tests connections). The client is using a shared key.
I have Firebox System Manager loaded on the client and at one point could connect to it with the internal IP (192.168.1.xxx) and even change policy settings. So my problem seems to be that I can't talk to the trusted side network of the firebox.
Thank you very much for helping!!!
 
Oh, also my Ping Policy is set to:
Enabled and Allowed
Incoming=Any - Any
Outgoing=Any - Any

Thanks again!
 
Hi All,

Any news on the above problem?
I have run into basicallt the same thing between a SOHO 6 and a FB III.

On the FB III the tunnel shows up and everything looks good, But cant ping the outside of the SOHO 6 or anything inside.

On the SOHO 6 can ping right into the FB III but nothing past it.
Please advise,
Thanks
 
I have finally got my VPN to work. Here is some of my settings:
Firewall Authentication= NT SERVER (Win2K Server-NT 5)
Policies Used= ANY, OUTGOING, PING, and WATCHGUARD
Netowrk Configuration=
WINS/DNS tab has my internal servers listed and domain name, I put my domain name without the .net (domain not domain.net), not sure if that matters.

MUVPN EXTENDED AUTHENTICATION= created groups here & also on my Win2k Server. Allowed access for my group to see the whole network [192.168.1.0/24 (0/*/0)].
Key negotiation Type=Shared Key

MUVPN Clients: Win2k


Let me know if you need any more setting info. Good luck!
 
Hi - We have a Firebox III 700 and are setting up MUVPN. I am able to connect to the network, but unable to Remote Desktop. We are using IPSec. Anyone have any ideas?

Thanks!
 
Hi mns117,
We use Remote Desktop also. We created a seperate policy for it. Policy is just for port 3389 TCP Client. Let me know if this helps.

Russ
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top