Comments on: WatchGuard Firebox VPN and Active Directory Integration

By: kryptonet

kryptonet — Fri, 07 Nov 2008 21:59:03 +0000

I just got a new client who has a Firebox Edge X Watch Guard . I was trying to configure it for remote management or administration. I guess if you just setup the VPN it will allow you you to manage it from the inside because you have a I.P assigned throught the VPN. Does that sound right?
Thanks

By: Chris

Chris — Wed, 05 Nov 2008 15:56:28 +0000

Do you have specific steps that you can post on setting up the inbound and outbound rule for the vpn traffic? thanks, chris.

By: Damian

Damian — Tue, 04 Nov 2008 17:28:45 +0000

We have a customer with a Firebox running version 10. They have vpn’s setup and it works, the issue is that the remote user cannot access their local network when they have the VPN up. I know most VPN solutions allow you to regulate this. The user cannot even use her USB printer. Everything else seems to work okay. Any suggestions?

By: Chris

Chris — Sun, 26 Oct 2008 17:42:42 +0000

from the traffic monitor I receive firewalld deny in pptp0 and deny out pptp0. I’ve created a rule but still missing something.

By: Chris

Chris — Sun, 26 Oct 2008 17:37:26 +0000

I can connect using the above but I cannot talk to the network, cant pint the servers and the servers cant ping me. using a v500 with 7.5. Any ideas?

By: elim

elim — Wed, 09 Jul 2008 06:19:41 +0000

Sorry, I believe the exact phrase was “It was not possible to verify the identity of the server.”

By: elim

elim — Wed, 09 Jul 2008 05:56:56 +0000

For some reason i am getting error 778 “can not verify the identity of the server” when connecting via VPN. Any ideas?

By: Talrude

Talrude — Fri, 27 Jun 2008 14:52:23 +0000

Wanted to add.

I wanted to Add more.(I Have an 1000)
You must have the Management Software istalled.

Connect directly to the Trusted port using a cross over cable with a static IP or 192.168.253.xxx Not .1

1 Unplug power from firebox.
2 Push and Hold reset button.
3 Plugin power to firebox.
4 Wait for red light and flashing triangle.
5.Use the Quick Setup Wizard to re-Configure the unit. Default IP 192.168.253.1
6.Default password will be shown during setup and you will get to change it.
7. Change your IP Rang accordingly if you change Trusted network Ip Settings. (DHCP is not enabled be default)
8.Use Policy Manager to configure firewall.
9.Expect reboots and 4 min down time for reboots. (I counted it on my 1000)

There is a Student manual floating around out there. Get it! it helps.

************************************************
DaveLChgo said:
*** CAUTION ***
This will wipe out all of your settings on the firebox and set them to factory defaults.

1 Unplug power from firebox.
2 Push and Hold reset button.
3 Plugin power to firebox.
4 Wait for red light to come on and go off.
5 Release reset button.
6 Unplug power.
7 Plugin power.

Now Iâ€™m doing this from memory so steps 4 and 5 might beâ€¦.
4 Wait for red light to come on.
5 Release reset button and wait for red light to go off.

Hope this helps.

By: Harry

Harry — Wed, 18 Jun 2008 13:53:07 +0000

Hi Scott

I was able to resolve the problem by taking out the NAS-IP-Address codition to the policy.

Authentication works well but I am having trouble acessing or even pinging anything including the DC that logged me on! I think this may be down to m being a complete novice to this as opposed to anything else!

Thanks

By: slowe

slowe — Wed, 18 Jun 2008 11:44:12 +0000

Harry,

Looks like your Remote Access policy isn’t configured for the right authentication method. With PPTP, you’ll want to be sure that MS-CHAP and MS-CHAP v2 are enabled in the profile for the policy, and uncheck any other authentication types. I’m not sure what authentication type the Mobile VPN client uses.

Hope this helps!