Hi. I'm trying to setup a VPN on my network in which my employees can acces the server remotely. I am able to remotely access the server through remote desktop connection but currently unable to setup a proper VPN connection from an external site. Our sever runs Windows 2000, and currently use the Watchguard Firebox Soho 6. Please help.
An expert who has achieved level 2 by getting 100 points
An expert that got 5 achievements.
An expert who has written 50 answers of more than 400 characters.
An expert whose answer got voted for 20 times.
Re: Setting up a VPN through watchguard
The key with any VPN solution is to make sure that the configurations on both ends match. I am not very familiar with this particular product, but it looks like you need to have the proper VPN licenses installed first.
There are two types of VPN you can do.
1) Site to Site - This is where the are two static boxes that you want to create an encrypted tunnel between
2) Remote User access - This is where mobile users connect to a central site over an encrypted tunnel from their home or on the road.
Next, take a looks at the User Guide PDF here:
Chapter 10 tells how to configure the VPN on the Firebox side. You would just duplicate your settings if your doing option #1.
Chapter 11 tells how to configure the VPN on the client side. This section would tell you how to configure the client software for option #2.
Hope this helps.
Select VPN > Mobile VPN > SSL.
The Mobile VPN with SSL Configuration dialog box appears.
Select the Activate Mobile VPN with SSL check box.
Select an Authentication Server from the drop-down list. You can authenticate users with the internal Firebox or XTM device database (Firebox-DB) or with a RADIUS, VACMAN Middleware, SecurID, LDAP, or Active Directory server.
Make sure that the method of authentication is enabled (select Setup > Authentication > Authentication Servers).
- If you need clarification, ask it in the comment box above.
- Better answers use proper spelling and grammar.
- Provide details, support with references or personal experience.
Tell us some more! Your answer needs to include more details to help people.You can't post answers that contain an email address.Please enter a valid email address.The email address entered is already associated to an account.Login to postPlease use English characters only.
Tip: The max point reward for answering a question is 15.
Port #1 on primary router <---> VPN server
Port #2 on primary router <--> Load Balancer
Load Balancer <--> web-server #1
Load Balancer <--> web-server #2
Load Balancer <--> web-server #3
VPN traffic enters your network, through the router to the VPN server, and then VPN-server back through the router to your internal servers. Web-traffic goes through the Load Balancer, for distribution to the collection of servers.
The router's PPTP passthrough and IPSec settings assume that you're connecting to an external VPN server on the public side of the network, but it sounds like you're hosting your VPN server inside your local network. If this is the case, you may just want to have your windows VPN box in a DMZ, or get a router that you can exert more control over. Be wary, if you're doing this at a residential location, your internet provider will probably block or "shape" this type of incoming traffic to your local network.
Look into http://www.acevpn.com/ for $5 per month. I would caution accessing Social Networking and File Sharing sites once they are banned by employers, and attempting to find a workaround and accessing them anyways can be grounds for dismissal.
One plan and one low fixed price - $5. The same VPN account works on all the supported platforms and devices. We support OpenVPN, PPTP and L2TP
Connect to any VPN gateway servers on our network at no extra cost. We currently have servers in USA and Europe (France, Germany, Netherlands, UK). More servers being added in different countries
Allows access to banned, blocked and censored websites, applications and services. Use VOIP, SIP adapters, Skype, Google Voice, instant messengers like Yahoo, MSN / Windows Live, Google Talk, etc., social networking like MySpace, LinkedIn, Facebook, Twitter, etc., dating or adult sites even if blocked by your Country, ISP, University or Corporate firewall
100% anonymous, secure and private. Surf the Net without leaving a trace even on public unsecured Wi-Fi / hotpots
Protects your privacy from behavioral ads and data mining websites like Google Ads, Quantcast. Prevent Identity theft
Could you please explain me how to you are trying to establish the vpn its a site to site or site to client another thing if you are connecting to head office through mobile user client behind any natted device you should enable nat traversal in your firewall then only i will works.