Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
X750e MUVPN
- Thread starter jbrusie
- Start date
- Thread starter
- #3
Xwire,
Be carefull with the Watchguard SSL. This works very good with the SSL client allthough you should keep in mind that you can only make connections from the client to the central site. But connections from the central site to the client can not be initiated.
In 90% of the cases this traffic is not needed, but in some environments you might need connections from the central site to the remote user and then your SSL is not a sollution anymore.
regards
Beecky
Be carefull with the Watchguard SSL. This works very good with the SSL client allthough you should keep in mind that you can only make connections from the client to the central site. But connections from the central site to the client can not be initiated.
In 90% of the cases this traffic is not needed, but in some environments you might need connections from the central site to the remote user and then your SSL is not a sollution anymore.
regards
Beecky
jbrusie, can you elaborate as to what network settings on the laptop were incorrect? I have been on and off the phone ALL DAY with WatchGuard Tech Support and they have yet to help me get this up and going. Any assistance is greatly apprciated.
Kelly
Kelly
xwire, I am able to connect and authenticate through the Active Directory; however, I am not able to RDP, map a drive or do the UNC path to any directories, or connect up to Outlook for our users that travel. Watchguard is to call me back at 8am my time (which it is now 8:05am) so hopefully if they get me fixed up before anyone else posts a solution, I can hopefully help out soon. jbrusie appeared to have the same exact problem that I did so I am looking at all the settings trying to figure out which ones are wrong.
Kelly
Kelly
krobert, I had the exact same problem yesterday. I struggled with it for an hour and said forget this and rebooted the firebox. I reconnected after that and it worked, dont ask me why but it did. I also noticed before I did this that the MUVPN client was getting the wrong IP address in the range I set. Once I rebooted it started getting the right IP address in the range. There was minimal people accessing stuff outside of our network so I could reboot without my phone ringing.
After talking with Watchguard today, we changed my security from MD5 3DES to MD5 DES, took of the PFS, changed the SA Life to 24, took off the NAT Traversal checkbox, found out I had the wrong number range in my resourses (had xx.xx.x.x/24 and should be xx.xx.x.x./16), and deleted all my IPSec policies that I use to have for the Firebox III box. My only problem now is that I still do not have OWA up and working. Everything loads on the Left-hand side OK, but on the right-hand side where the actual messages are, it just says 'Loading...' and never loads so you can not do anything with it. Do you have OWA set up on your box and if so, what setting did you do to get it to work.
Thank you.
Thank you.
We just get to the OWA from a link on our website at http:// not https:// I have 2 filters set up: OWA and HTTP. On OWA and HTTP, I have the same: From: Any and on the To: I have a NAT that has my public number to my internal Exchange Server IP number. When I log into OWA from the Internet, I get:
Deny: HTTP Request method (OWA-00) dst_ip_nat="exchangeIP#" dst_port_nat="8080" proxy_acct="HTTP-Client.1" method="Subscribe". Have you seen this error before?
Deny: HTTP Request method (OWA-00) dst_ip_nat="exchangeIP#" dst_port_nat="8080" proxy_acct="HTTP-Client.1" method="Subscribe". Have you seen this error before?
on the HTTP Proxy, go to the Properties tab of the proxy. Then where it says Proxy Action: HTTP-Client.1 click the first button next to the drop down arrow. I beleive that will bring up the configuration of HTTP-Client.1, Under HTTP Request, go to Request Methods and towards the bottom where it has Pattern: add your SUBSCRIBE, and click Add. Make sure it says if Matched to Allow.
I think this should resolve that Subscribe Deny error.
I think this should resolve that Subscribe Deny error.
- Thread starter
- #14
This is not yet working for me. It is my understanding that if you have to use HTTP as a way to connect to OWA then you use a HTTP Filter, not a HTTP Proxy. I tried to go into the OWA Filter and do what you suggesting, but it did not help either. If you set up an HTTP Filter, you do not have the proxy option on the Properties tab. Any other suggestions?
did you just upgrade to fireware or did it come with a new appliance from Watchguard? I also had to use up one of my incidents, actually used up 4 incidents in the last two weeks.
Although I dont like having to wait for hours for their responses, usually you cant help but use up the incidents. Let me know what they tell you.
If you dont mind me asking, is there some reason you dont want an SSL certificate to make things a bit easier?
Although I dont like having to wait for hours for their responses, usually you cant help but use up the incidents. Let me know what they tell you.
If you dont mind me asking, is there some reason you dont want an SSL certificate to make things a bit easier?
by the way, at the end of each Watchguard incident, make sure to fillout the email they send you on their service. Fill it out and they will credit your account 1 incident. I hope they do at least, mine just closed so I will watch my incident total and see if its true
- Status
Similar threads
- Locked
- Question
- Locked
- Question