Question about WatchGuard Technologies Firebox 1000 Firewall

1 Answer

Watchgaurd Firebox 1000 and Cisco Concentrator 3015

Hi I am trying to create a site to site vpn tunnel between the 2 appliances above. On the cisco concentrator I am getting the following message
26720 08/12/2008 16:11:42.780 SEV=5 IKE/35 RPT=3593 194.73.171.82
Group [194.73.171.82]
Received remote IP Proxy Subnet data in ID Payload:
Address 0.0.0.0, Mask 0.0.0.0, Protocol 0, Port 0

Im guessing this is the info sent from the watchgaurd, what I dont understand is why the source address is showing as 0.0.0.0

Posted by on

1 Answer

  • Level 1:

    An expert who has achieved level 1.

  • Contributor
  • 1 Answer

Wow I'm sure you've figured this out by now seeing as this was posted on 8/12/2008. however for the record what you're seeing is phase2 information and that's the proxy id that your far end is showing 0/0.Did you make sure your ipsec sa's matched?

Posted on Mar 15, 2009

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

1 Answer

How connect cisco 5015 vpn with barracuda linkbalancer 330


Your Internet gateway <--- primary router

Port #1 on primary router <---> VPN server
Port #2 on primary router <--> Load Balancer
Load Balancer <--> web-server #1
Load Balancer <--> web-server #2
Load Balancer <--> web-server #3

VPN traffic enters your network, through the router to the VPN server, and then VPN-server back through the router to your internal servers. Web-traffic goes through the Load Balancer, for distribution to the collection of servers.

Jun 12, 2014 | WatchGuard Technologies WATCHGUARD TECH...

1 Answer

ASA VPN setup


this has been nicely explained here:

http://www.computerfreetips.com/Cisco_router_tips/ASA-VPN-tunnel.html

Feb 23, 2012 | Cisco ASA Network Security & Firewall...

2 Answers

I have two Cisco routers one is a 501Pix(located at branch Office), the other is a 515E Pix (located at main office). I've configured a vpn tunnel to the router at the main office. The router at the branch...


Hi,
  1. Please check whether the Tunnel Phase 1 and Phase 2 are Up.If Not Proceed Next, if Yes Proceed to point 4
  2. Please check the peer IP is reachable
  3. Please check the configuration and the encapsulation method used
  4. Check whether in the Match Address whether the IP has been Allowed If Yes Proceed Next
  5. The Branch PIX will be in the Outside interface of the Main PIX, security Level will be enabled so do NAT. If Yes Proceed next
  6. If unable to ping enable the Inspect ICMP in the global policy to enable ping If Yes
  7. If all The above are done. please check the routes between the 2 remote computer.
Please check all the above point, surely your problems will be solved

Feb 26, 2011 | Cisco PIX 501 Firewall

1 Answer

I have an older Cisco PIX 506 with two VPN connections. One links two offices (PIX-PIX VPN) together, another is for staff to access email & files. The file server on the local LAN the PIX is on are...


It could be a missing route... are the file server and email server on the same subnet? If they are then it is possibly not a routing issue.

Also it would be worth checking the tunneling settings for the VPNs... if you have specifed either only the fileserver subnet or specifically the file server address, then this could be the reason they can get to nothing else.

Hope that this has helped a little :)

Apr 09, 2010 | Cisco PIX 506E 3DES/AES bundle (chassis,...

1 Answer

IPSEC problem between ASA and Microsoft ISA


can you try lower encryption levels on each device and see if that helps? sometimes it is neccesary between Cisco and other devices.

May 18, 2009 | Cisco ASA 5510 Firewall

2 Answers

Activation key


Normal 0 false false false MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman"; mso-ansi-language:#0400; mso-fareast-language:#0400; mso-bidi-language:#0400;} Step 1
Obtain the serial number for your security appliance by entering the following command:
hostname# show activation-key
Step 2
Access one of the following URLs.

Use the following website if you are a registered user of Cisco.com:
http://www.cisco.com/go/license

Use the following website if you are not a registered user of Cisco.com:
http://www.cisco.com/go/license/public
Step 3
Enter the following information, when prompted:

Product Authorization Key (if you have multiple keys, enter one of the keys first. You have to enter
each key as a separate process.)

The serial number of your security appliance

Your email address
An activation key is automatically generated and sent to the email address that you provide. This key
includes all features you have registered so far for permanent licenses. For VPN Flex licenses, each
license has a separate activation key.
Step 4
If you have additional Product Authorization Keys, repeat Step 3 for each Product Authorization Key.
After you enter all of the Product Authorization Keys, the final activation key provided includes all of
the permanent features you registered

Nov 12, 2008 | Cisco ASA 5510 Firewall

1 Answer

Wireless Config for XP OS with Firebox Edge network firewall


Hi
Any help please let me know and sorry about the chat window not responding for me

Jun 24, 2008 | WatchGuard Technologies WATCHGUARD TECH...

1 Answer

Watchguard site to remote offices


What have you done to date, what is the Config on both sides.
Let me know
Aloha
Bob

Jan 19, 2008 | WatchGuard Technologies FireBox SOHO 6...

2 Answers

Site to site VPN between Checkpoint UTM 1 R62 and Cisco pix /Netscreen


I couple of points:

PIX has a few dislikes...

1. Pix does not like class A address, make sure you are using B or C.
2. The VPN subnet always has to be differant to the LAN.
3. Has to have a working DNS server.
4. Add static route, and last resort to main ethernet port that has the DNS & R62. (or 2 if on differant sub)

Hope this helps.

Dec 16, 2007 | WatchGuard Technologies Firebox X5000...

3 Answers

Setting up a VPN through watchguard


The key with any VPN solution is to make sure that the configurations on both ends match. I am not very familiar with this particular product, but it looks like you need to have the proper VPN licenses installed first. There are two types of VPN you can do. 1) Site to Site - This is where the are two static boxes that you want to create an encrypted tunnel between 2) Remote User access - This is where mobile users connect to a central site over an encrypted tunnel from their home or on the road. Next, take a looks at the User Guide PDF here: https://www.watchguard.com/help/documentation/soho6.asp Chapter 10 tells how to configure the VPN on the Firebox side. You would just duplicate your settings if your doing option #1. Chapter 11 tells how to configure the VPN on the client side. This section would tell you how to configure the client software for option #2. Hope this helps.

Aug 29, 2006 | WatchGuard Technologies FireBox SOHO 6...

Not finding what you are looking for?
WatchGuard Technologies Firebox 1000 Firewall Logo

Related Topics:

230 people viewed this question

Ask a Question

Usually answered in minutes!

Top WatchGuard Technologies Network Security & Firewall Devices Experts

phil

Level 2 Expert

567 Answers

john smith

Level 2 Expert

366 Answers

Brian Sullivan
Brian Sullivan

Level 3 Expert

27725 Answers

Are you a WatchGuard Technologies Network Security and Firewall Device Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...