Security / Firewalls :: VPN Access Stopped Working On Watchguard Firebox?
Sep 13, 2012
Previously we had no problem with remote users connecting via VPN but recently they can't connect and i've checked the firewall and it shows the errors (see attached jpeg) but I'm not sure what it all means.
Im having some major issues with my new setup. I have a Cisco Router (1921ISR) that is connected to the internet through a t1. In addition to that is another cable modem. Each of these are connected to my firebox through an external interface.My router is on the 10.1.10.X network. My internal network is 192.168.1.X I have several NAT statements on my router pointing to 10.1.10.X addresses. These addresses are defined on my firebox as seconday external addresses and I am SNAT'ing them to 192.168.1.X addresses on my local LAN.This is mostly working well for everything. However, there is an FTP I am connecting to through the a VPN on the cisco that will not connect. The source is a 192.168.1.X address.
I am running a Kodak all in one printer through a Billion 7800n router. The desktop computer running Vista is hard wired and the portable running Windows 7 is wireless to the router. The Printer is hard wired to the Billion router. Where are running Norton 360 on both computers. Everything was running fine until two weeks ago and we get the error that the firewall is stopping access from both computers. I have tried turning off Norton but no effect so I assume it has something to do with the firewall on the Billion 7800n router? Why stop now after several weeks of working fine after setup?
I have problem with the Lan-to-Lan VPN tunnel.the VPN working fines since 9 months ago without any problems.Suddenly got the problem!,In last two days we faced problem the VPN down.in first time the problem in phase-2.. but after that in phase-1... in latest no data packet received to their side.
i am using windows vista on my laptop.i was using zone alarm firewall, but switched it to windows firewall.after switching, my internet was cutoff. i can see that i am connected to my network, but cant get to internet.when i run diagnosis on my laptop, it gives me three options:
my Ethernet driver is having hardware issue.
my wireless driver is having hardware issue.
ip protocol binding is having issue. check ipv4 and ipv6 settings.
Last year i installed nortor 360 gold edition onto my laptop and now it is telling me that it is not automatically protected against viruses and spyware, even though it has the latest update and no problems have been found on my laptop.
I am trying to figure out how to give computers that connect to my LAN limited access. I have heard that some viruses, though rare, may travel through the network and infect all computers on the network. I want to prevent this. Is there any way to give computers connected to my network strict access to only the internet to prevent viruses or any other harmful attacks?
I've created a hostname & account with [url].... for my vpn setup.It was working fine until 2 days back. owa was accesible and configured MS Exchange on iPhones.
Suddenly it stopped working.The updation of IP from ISP is happening @ chnageip.com site, but when we ping the hostname, it is not resolving to new ip and is not pinging.Our users outside the coporate's internal network is unable to access.
I configured a dynamic vpn(easy vpn) in a cisco isr. But the vpn clients cannot access any of the lan devices. VPN pool is 10.0.0.1- 10.0.0.20 & internal netwrk add is 172.17.x.x. I tried to disable zone based firewall but no resultout[CODE]
I installed Comodo Firewall today, and I couldn't access my Internet from then. I actually liked it's UI and all and want to keep it. The only something that I felt that might be causing the problem is "Use Comodo Secure DNS Server"? Is it likely the reason to be the cause of the problem?
I'm having some problems with a sonicwall pro2040. The problem is this: I can access the sonicwall remotely, and I can ssh into the sonicwall and ping various websites, and get replies, but my connected PCs (Connected by the LAN port) have no internet access. I have never set up a sonicwall before this one, and I feel like there is something I may be missing. Do Sonicwall devices block WAN access by default? Do I need to configure the default route?
I need remote access to certain programs on my home PC but I just cannot get it to work.
When I set the programs port preferences (i.e. port 8087), I can connect with"127.0.0.1:8087" and webcamXP work fine. But when I replace the localhost with my external IP (lets say 220.127.116.11, so that would be "http://18.104.22.168:8087".I tried port forwarding: I have added the port to my NAT in the router's setting so it should be fine, but it is not (numbers are fictual of course):
external port start 8085, external port end 8089, protocol TCP/UDP, internal port start 8085, internal port end 8089, server IP address 192.168.1.215)
I also tried disabling AVG Internet Security 2011's firewall temporarily just to check it it was blocking it, but got the same result.I checked if Windows own firewall was on, but it is off.I cannot find any setting in the router's own configuration screen to disable any build in (router's) firewall (if it has any).
So, I have this router at home a WRT150N. I put in access restrictions so my siblings won't stray onto unwanted pages.I enabled SPI Firewall Protection and what do you know, it worked. The next day though, we didn't have an internet connection.I checked everything with the modem (power cycles, etc.) and then I tried the router. Upon disabling SPI Firewall Protection, the internet connection came back.I tested it yet again, to see if it really was the SPI. Enabled and bam, no internet access again. I made sure to select "Allow" in the Access Restrictions for "Internet access during selected days and hours" making sure also that "Everyday" and "24 Hours" are selected.Now my question is, what do I need to do in order to enable my Access Restrictions without having to lose internet connection via the SPI Firewall?
our customer unfortunately uses a Watchguard.Finally we could establish a site-to-site vpn connection.To test if the connection re-establish again, we cleared our vpn session by "clear crypto isakmp <session id>" and after that "clear crypto sa <ip address of the peer>"After that, the session is down on our site, but the watchguard keeps the Phase I still up, either the deleting messages from our cisco are visible in the watchguard log files.Watchguard helpdesk told us, that the messages are only seen as a deletion message for Phase II, therefore Watchguard keeps Phase I up and running.Here you could see the cisco 7206 log messages aftre the clear commands:
In my opinion, it looks ok and we do not have problems with other VPN devices with this kind of tests.what could be done that the watchguard deletes Phase I, too? Or that an explicit Phase I deletion message is created and sent by our cisco 7206?
For some reason i can't get access anymore to the web interface of our ACS 5.3 appliance.Where i used to get a certificate warning first, and after that the ACS5 login screen, i now get totally no response anymore in my IE browser.
I can telnet to port 443 of the unit however. And i (fortunately) still have ssh access to the unit. So i did a reload (microsoft habits) but that did'nt solve anything.https access to other systems from the same browser is functioning fine
================================= admin# sh ver Cisco Application Deployment Engine OS Release: 1.2ADE-OS Build Version: 22.214.171.124ADE-OS System Architecture: i386 Copyright (c) 2005-2009 by Cisco Systems, Inc.All rights reserved.Hostname: <deleted> Version information of installed applications--------------------------------------------- Cisco ACS VERSION INFORMATION-----------------------------Version : 126.96.36.199.8Internal Build ID : B.839Patches :5-3-0-40-55-3-0-40-8 =================================
I have a new Alienware X51 running Win 7. It's connected to a home LAN, both wired and wirelessly. For the prior two days internet connectivity has been fine. Today, the PC will not connect to the internet. The Network and Sharing center in control panel shows that the PC is connected to both the wireless network and the wired network, but with no internet connectivity. All other computers and devices in the house are able to connect to the internet. Tried restarts, virus scans, router power off/on, ipconfig /release and renew, all with no luck. When I try and ping other computers in the LAN or the router I get a "General Failure" message.
Powerline not working on media in one room. My Setup: ATT DSL Modem: Westell 6500 w/ Linksys WRT54GS router
First powerline to mac (about 8 feet down hall) second powerline to pc (windows vista) (about 12 feet down hall) third powerline to media (Xbox 360, Sony blu ray, Apple TV) (about 45 feet down hall)
I've had Powerline PLE/S 300 setup for a couple years I think working perfectly. I it set up because my house is VERY solidly built and the G wireless cannot reach even the second room down the hall.
I recently got a wireless device and couldn't keep connection in the living room so I was going to add an access point and futzed with the router and everything went down. I got the router back up, disconnected the access point for good, but the Powerlines wouldn't connect. I upgraded the firmware then reset them and finally got Number 1 and Number two powerline online and working. But the farthest point (router at back of house, media at front) is the living room and none of the powerline boxes will work ON THE MEDIA.
I plug in the powerline and the home light comes up, I attached my laptop out there and I connected fine, then I connect one of the media players - the Xbox, apple or blue ray - and the home light goes out media will not connect and the laptop is knocked off. It does this every time now, same media players that worked perfectly before.
I bought a new router (Linksys E4200), wondering if the old just didn't have the signal strength and set that up very easily and the same thing happened - no powerlines work on the media in the living room. Mind you, I did take Apple to a closer room and hook it up to a powerline and it works!
As my Xbox died on one my attempts to plug it in to the powerline. So new xbox cannot connect either. I used to connect from xbox to the pc media center to watch recorded tv and this cannot be done wirelessly, even with the new dual band N router AND a new extender!
Is it true that the FCC is investigating the Pogo game site because of poor security? Is Java the cause of this problem?I'm very leery of getting on the Pogo site because I've been told that my computer could get a virus and crash.
I'm new to IT, and have been put in charge of managing our servers hile my boss is on vacation.We currently have a Sonicwall Network Security Appliance that handles our Firewall/VPN and have web content filtering set in place.I have a user who belongs to 2 CFS policy groups that we have set up. I've double checked with Active Directory, and he is a member of both groups.
This person SHOULD have access to Job searches/ and Restaurants,but receives a "content blocked" message on his browser.It appears to me that the settings in Sonicwall are correct, as well with AD member groups.
I am trying to connect to a Security-enabled wireless netowork. I have the key. My problem is that I can't seem to figure out how to enter it. When I try to connect I open the "view available networks"window. I see the network name and it shows a strong signal (all 5 green bars).
I opened my iTunes program today and noticed a roommate's MP3 files were picked up on my network. I think the name of the program is Rocket Tube MP3. Anyway, I came on here because our computers use a Wi-Fi internet connection and I was wondering how much of my web activity (history, cookies, temporary files, etc) he could see from my laptop if his computer was a desktop downstairs. He's very tech-savvy (a former IT guy) and I don't want him snooping through my personal records.
We are a non-profit organization that is heavily reliant on interns that use their own laptops a lot here. My concern is they come in and connect to our wireless network with no supervision or anything else. I am worried they will introduce a virus, trojan, or something to our network. What the best way to keep them from introducing unwanted malware from a thumb drive, virus in email, or something to that effect shy of standing over them while they install and run an antivirus software?
I am looking for some resources on what steps would be involved in configuring a Cisco ASA 5500 when obtaining a new ISP. Since our static IP will be changing with the new ISP, just need to know what configurations changes will need to take place. We currently have a working config with DSL, but are switching to cable. We are using a DMZ configuration, and are going to try using ASDM first since that should be easier
There are three Win 7 laptops on the LAN trying to connect to the ASA5500 Firewall. They generate a Severity Level 3 alert and try the same port three times then move to the next numerical port and try that three times. Is this a malicious Hack.
I have been trying to get into one website (url)The world's best online marketplace, List free Classifieds,buy and sell - auction,post a job and get hire from over 1 million top professionals. | Wanaifieds.com and I can't get into the site from my home I can get into the site everywhere else but here I called the service provider and their telling me it's not them they don't block website and the IP is not stationary so their nothing wrong with their end I called the hosting company of the website and they told me they don't block any IP's I don't know what to do I do remember when it was working about 4 days ago I tried something o the site and I messed up and I clicked back instead of putting my password a little box poped up and said something about a certificate or something but I just clicked off and when I tried to get back on the site.
I'm working with Cisco ASDM 6.1 for pix. I want some of ip addresses are not shunned thus provide a list of addresses which should not be shunned in threat detection, but some of ip addresses are shunned yet.
I want to block 10.0.0.1 and 192.168.1.1 but my router says invalid domain so if will the guess network be able to go to page 10.0.0.1 and 192.168.1.1 even though I don't block it? I have a bypass account but don't want anyone else to access 10.0.0.1 and 192.168.1.1. Also can you tell me some proxy sites I can block?