Can connect through Watchguard mobile VPN, but can't ping or access network drives


Solution 1

Talk to your Watchguard vendor and/or Watchguard themselves. It's a fairly specialised area which not too many people can help with. Plus you're paying Watchguard for exactly this kind of support question (either directly or through a vendor). And if you're not paying Watchguard then you're not getting security updates and therefore have bigger issues to worry about.

Solution 2

I had this problem. Ultimately, the problem was that I had not configured authentication correctly. I hadn't added my user to the correct permission group.

If you are using IPSec for mobile VPN, ensure that the user is a member of the group that was created during the setup. You can do so by following the instructions here:

http://www.watchguard.com/help/docs/wsm/11/en-US/Content/en-US/mvpn/ipsec/mvpn_ipsec_group_add_user_wsm.html

If you are using PPTP, ensure that the user is a member of the PPTP-Users group and that an access policy was created to allow this group access to resources. Information about performing both of these actions can be found in the links below:

http://www.watchguard.com/help/docs/wsm/11/en-US/Content/en-US/mvpn/pptp/mvpn_pptp_auth_add-new-users_wsm.html

http://www.watchguard.com/help/docs/wsm/11/en-US/Content/en-US/mvpn/pptp/mvpn_pptp_policy-configure_wsm.html

Solution 3

Watchguards support three kinds of mobile VPN - PPTP, IPSEC and SSL.

There is a catch with "MUVPN with IPSEC" because the policies which control it do not live with the normal firewall policies. When you open the Policy Manager, at the top of the rules is another tab for IPSEC MUVPN rules.

If you are using PPTP or SSL for the connections, those policies do live in the normal rule sets.

For troubleshooting, connect a client and set up a continuous ping to a server (ping -t server_ip), then open Firebox System Manager and go to the Traffic Monitor tab to see the logs of what is happening. Look for red "deny" messages; they will give you a clue why the traffic is denied.

You can also open the Policy Manager, and go to the Setup menu, and choose Logging, then the Diagnostic Log Level button. You can increase the amount and detail of logs so you can get more insight into what is happening.

(If it is an older box with web management access only, then you need to find the "syslog" page to see the traffic log messages).

Author by

johnnyb10

Updated on September 17, 2022

Comments

  • johnnyb10 over 1 year

    We're having an issue in which some of our employees can no longer connect to our network drives when out of the office. We use Watchguard Mobile VPN (we have a Watchguard Firebox firewall) and the users are able to connect. That is, their status in the VPN client says "Connected" and they have the correct IP address listed as the VPN Endpoint.

    The problem is, when they try to map drives, or even ping the IP address of a server on our network, it fails. Last week, we temporarily switched one of our Comcast modems to our backup DSL modem because the Comcast was accidentally shut off by Comcast, and the problem seemed to start around then. We've since switched back and the problem persists, so that doesn't seem to have been it (which makes sense). But we also made other changes at the time that might have thrown something off, although we feel like we've checked them all. Plus, some people can successfully connect to network drives through the VPN.

    Can someone please suggest some steps to help troubleshoot? We've checked the policies on our Watchguard box, and they seem fine. We've looked at the settings on the Mobile VPN client, but nothing seems like a probable cause. Thanks.