Re: Watchguard 700 + MU VPN w/Windows 2000
From: Mats (mats@airway.no)Date: 10/29/02
- Next message: BH: "Re: NetBEUI and security"
- Previous message: : "Re: 3Com Superstack 3 or Sonicwall PRO 300"
- In reply to: Ian Battersby: "Watchguard 700 + MU VPN w/Windows 2000"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Mats" <mats@airway.no> Date: Tue, 29 Oct 2002 21:47:50 +0100
Welcome, I have the same challange.....
I have read som artickles on the Watchguard support web forum, and it seems
to be an interop problem with W2K and Watchguard MUVPN client. Its hints hat
you can change the registry on all W2K servers and adjust down the MTU to
1400bytes (Whoha).
There are maybe light in the tunnel, Watchguard has just released an new OS
(Watcguard 6.1) and when I read the release note i read :
<Start Quote>
http://help.watchguard.com/docs/v61WFSReleaseNotes.pdf
5. Optional: Upgrade Mobile User VPN clients.
Mobile User VPN client software can be upgraded at any time after upgrading
the Fireboxes or SOHOs they connect to.
Note: WatchGuard recommends that you upgrade to the 6.1 VPN Client because
of a potential vulnerability in the 6.0 client.
</End Quote>
But I have just received an not that customer friendly answer that 6.1 is
the Firmware not the MUVPN client, and from the answer they just can't have
read my quoting, but they hinted that the client is just around the corner.
Well and they stated in the email that the 6.0 client is safe !
Well , ritch from experience that can mean everything from one day to one
year or more ?!
Kind regards
Mats Karlsson
"Ian Battersby" <ian.battersby@emulous.co.uk> wrote in message
news:df684b5e.0210280917.7da076a2@posting.google.com...
> Has anyone managed to implemented a Watchguard 700 with MUVPN on a
> Windows 2000 domain? If so, can you tell me how you setup and
> configured it please?
>
> We recently implemented a Watchguard 700 firewall solution for our
> office; togeather with this we purchased a 5 user Multi User VPN
> bundle so that we could move our VPN connections to something more
> secure then a Windows98 PPTP server.
>
> However, after having this a week now I can't seem to be able to get
> the kind of functionality we require, certainly not without enabling
> PPTP and disregarding the MUVPN licenses we have bought for IPSec type
> security.
>
> The requirements are:
> 1. Connection to network via the Internet (VPN)
> 2. Definable DNS and WINS servers for that connection
> 3. Windows logon prompts where required when accessing servers
>
> Authenticating against the W2K DC has been a story within itself
> (RADIUS w/IAS) but just actually being able to connect to the VPN and
> access the servers/IP's seems problematic as well.
>
> I assumed when using the MUVPN/Lite software (SafeNet SoftSecure) that
> it would route all required traffic down the tunnel and allow me to
> log into the domain. As the firebox currently seems unable to
> authenticate to the W2K server at all, we are doing the initial
> authentication using firebox defined users. However beyond that point
> although I can ping address within the network, no trapping of the
> DNS/WINS is done (I have to put those manually into the Internet
> connection dial-up properties) and even when this is working correctly
> it won't let me browse to any of the machines using their machine name
> (and NetBIOS interface is enabled!).
>
> Any feedback would be appreciated!
- Next message: BH: "Re: NetBEUI and security"
- Previous message: : "Re: 3Com Superstack 3 or Sonicwall PRO 300"
- In reply to: Ian Battersby: "Watchguard 700 + MU VPN w/Windows 2000"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
