Koozali.org: home of the SME Server

firebox watchguard

Dean

firebox watchguard
« on: June 20, 2002, 03:25:06 PM »
My company in its infinite wisdom has decided to implement a WatchGuard Firebox as its firewall cum VPN access box.
My IT department have sent me all the Windows config files, so if I had a Windows box connected to my cable modem I could connect to the works network. Now, I don't use a Windows box; I use e-smith to connect to the internet via my cable modem.
Has anyone got an e-smith box to talk using vpn to a watchguard box?

Bear in mind I have no control over the WatchGuard box but full control over my e-smith box.

HELP!!!!!!!!!!!!!

Mikkel Mandrup

Re: firebox watchguard
« Reply #1 on: June 20, 2002, 07:45:12 PM »
Hi Dean,

If I understand you correctly, then you have a MUVPN client from your company, but can't use it because you don't have a Windows computer?
I believe the only way to get it working is to get the network administrator of your company to create a branch office PPTP connection, and then you can set up your e-smith server to connect to that connection...

/Mikkel

steve

Re: firebox watchguard
« Reply #2 on: June 20, 2002, 09:14:58 PM »
We use a Checkpoint firewall at work.
I have SME 5.1.2 at home.
I can connect fine from home to work using Checkpoint VPN (IPsec, 3DES). Took a lot of config with the tech support from Checkpoint, but finally got it working. (All of the config was on the server side.)
I am not sure if PPTP will work. AFAIK, PPTP is 1 client to network and does not connect networks to networks the way IPsec can/does.

Are you on a Windows box behind your e-smith server?
That is what matters most; the e-smith lets outbound traffic out without any extra config.

bob

Re: firebox watchguard
« Reply #3 on: June 20, 2002, 10:14:39 PM »
Do they allow SSH into the corporate network? WatchGuard just put out an editorial on how to VPN into the WatchGuard with SSH and FreeS/WAN. But since you have no control over the WatchGuard to configure IPsec, see if they will allow you to SSH into the network.

Bob

dean

Re: firebox watchguard
« Reply #4 on: June 20, 2002, 10:38:57 PM »
Right, I run e-smith as a server/gateway from home. Have just got a 2000 Advanced Server from work (after a lot of nagging). I can connect via e-smith to the works network but can't "see" the works net or ping or anything else, but I am connected according to the WatchGuard software. I suspect this is a routing problem somewhere. Anyone point me in the right direction please? I've had 2000 now for 4 hours and already hate it. Does it require a reboot if you change the time on it? It seems to for everything else!!

bob

Re: firebox watchguard
« Reply #5 on: June 20, 2002, 10:59:55 PM »
Dean,

We have watchguard firewalls here. They probably don't have the right permissions for the Mobile VPN users down correctly. Ask them to check the logs to see the denies and add the correct rules.

Bob

steve

Re: firebox watchguard
« Reply #6 on: June 21, 2002, 02:09:50 AM »
I would think that WatchGuard would provide a client program that you would use to connect to the WatchGuard box.
This is how it is for my setup with Checkpoint. My SME server is not involved in the process.
Also, is the WatchGuard box the default gateway for the machines on your work network?
If not, they will not know where to send the traffic to get to your home network. Hence the connection, but not able to talk to any computers on the remote network.
You will have to add the route to their routing tables, pointing to the WatchGuard box as the gateway to get to your home network.

HTH

steve