Koozali.org: home of the SME Server

Firebox X500, VPN and SME Server

woyzeck

« on: July 15, 2005, 11:25:18 PM »
Anyone use a firebox?

Okay, I am having some difficulties getting a vpn tunnel to work. I can create a tunnel between the mobile user's computer and the firebox using the firebox to authenticate the user; however, I have not been able to use the sme server to authenticate users. Even when I use the Firebox authentication, I cannot see the network.

Couple questions.

1.  SME Server acts as a WINS Server, correct?  From what I understand SAMBA does.  I took a look at the SAMBA config file a couple months ago and thought that I confirmed for myself that it was configured by default to act as a WINS Server.  Am I mistaken?

2.  The Firebox doesn't allow vpn users to be on the same subnet as the trusted network, so another is used.  I have added these particular addresses to the remote networks allowed to access network resources on the SME Server.  Would this be the appropriate thing to do?  Would this allow the remote user to access the ibays as if they were on the network?

I just want to know if my assumptions are correct or not before contacting Watchguard for help.  

Thanks in advance for any input.

Woyzeck

woyzeck

« Reply #1 on: July 16, 2005, 04:15:23 PM »
Okay... I now have been able to establish a tunnel using the firebox to authenticate the user. I am still not able to browse the network; however, I can access the sme box behind the firewall using the internal ip addresses. I guess the next step is to get wins to work over the tunnel and those questions would be for another forum, I guess.

If anyone has gotten an sme box to authenticate vpn sessions on a firebox, I would appreciate any input as I really would like to use the sme box to authenticate instead of the firebox.

Woyzeck

woyzeck

« Reply #2 on: July 17, 2005, 05:33:54 AM »
Okay... I like talking to myself.  Just an FYI for anyone using a firebox.  Cannot use NT Server to authenticate users, period.  You have to authenticate using the firebox.

I now have been able to use both PPTP and IPSec to connect to the firebox and browse the network. So... If there is anyone out there that needs to know how to configure your firebox to work with your sme server, let me know.

I was looking through the Watchguard Support info and it doesn't appear that they will support questions dealing with VPN even though you pay through the nose!  Need to pay more for that.  Oh well.... got it working on my own.

Again, if anyone needs help with this let me know.

Woyzeck