I am trying to connect a Windows 2000 server that is on another network to our main network via VPN. The firewall does the authentication. I am using the Microsoft VPN client. When I have connected, I am not able to see any of the network. I run IPCONFIG, and it shows me an IP address, but no gateway. When I use the Microsoft client from a workstation, I do get a gateway that allows me access. I have used, also, an IPsec client provided by the firewall vendor with the same result, no gateway. I have not tried this from a workstation yet.
I thought that prior to my using up a support incident with the vendor, I'd check here for ideas. I am suspecting that the path through the two firewalls is causing the problem (both are WatchGuard Firebox III--a 70 and a 1000), but I have not been able to see anything that would prevent a gateway from being established. This problem exists whether or not the "Use the remote gateway" or whatever the exact wording is, is checked or not. I do have some server addresses listed in the HOSTS file. We are not using WINS.
Any suggestions would be welcome.
Thanks.
Steve//
ASKED: May 24, 2005 12:35 AM
UPDATED: May 25, 2005 7:09 AM
I’m sorry, I meant to mention that in my query. The originating network is not NATted, while the receiving network is. The problem is evident in both IPsec and PPTP. I had tried the tunnel between the two firewalls, but I did have a problem with that also, and it is a bit foggy right now as to what that problem was. I have been working on this project for some time, but it keeps getting pushed into the background by other, more immediate needs.
Is your real problem that you cannot “see” the network? This is common on Microsoft VPNs if WINS is not available. You may not be able to browse the network but you should be able to ping devices on the network. The gateway entry is not important as you do not need to access outside of the VPN network. Check that you can ping first – if that does not work then check your routing. If you can ping then the problem is name resolution which can be solved via DNS, WINS or HOSTS/LMHOSTS – depending on how you want to access resources.
Hi,
If I am not wrong, you are not able to access the local network after connecting to the VPN. If this is so, we can resolve it by adding a persistent IP route to the system with metric 1. This can be done through the command prompt by giving a command, the syntax of which is as under:
route -p ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 1
  destination^              ^mask     ^gateway     metric^
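Added example, not part of any post in this thread: a small route-table lookup that illustrates the "check your routing" step and the effect of an added route with metric 1. The table rows and all addresses are constructed (192.168.1.x local LAN, 10.10.0.50 the VPN adapter's address, 10.20.0.0/16 the remote network); the selection rule is longest prefix first, then lowest metric.

```python
import ipaddress

# Constructed "Active Routes" rows in the column order `route print` uses on
# Windows: destination, netmask, gateway, interface, metric. All addresses are
# made up for illustration; none come from the thread.
BEFORE = """\
0.0.0.0         0.0.0.0         192.168.1.1   192.168.1.20  20
10.10.0.50      255.255.255.255 127.0.0.1     127.0.0.1     50
192.168.1.0     255.255.255.0   192.168.1.20  192.168.1.20  20
"""
# The same table after a hypothetical:
#   route ADD 10.20.0.0 MASK 255.255.0.0 10.10.0.50 METRIC 1
AFTER = BEFORE + "10.20.0.0       255.255.0.0     10.10.0.50    10.10.0.50    1\n"


def parse_routes(text):
    """Return (network, gateway, interface, metric) for each well-formed row."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip headers, blank lines, anything that is not a route row
        dest, mask, gateway, iface, metric = fields
        net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
        routes.append((net, gateway, iface, int(metric)))
    return routes


def select_route(routes, target):
    """Pick the route a packet to `target` uses: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(target)
    candidates = [r for r in routes if addr in r[0]]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (r[0].prefixlen, -r[3]))


def egress_interface(table_text, target):
    """Interface address the packet leaves on, or None if no route matches."""
    route = select_route(parse_routes(table_text), target)
    return route[2] if route else None


if __name__ == "__main__":
    for label, table in (("before", BEFORE), ("after", AFTER)):
        print(label, "->", egress_interface(table, "10.20.5.9"))
```

With the constructed "before" table, traffic for the remote network matches only the default route and leaves on the LAN adapter, so it never enters the tunnel; with the added route it leaves on the VPN adapter.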
We are also using WatchGuard Fireboxes at both our locations and have users connect via VPN. We tried using the MS VPN client but had no luck. Contacted WatchGuard, who told us that they would only guarantee successful VPN using their Mobile User VPN application.
Phil,
Cannot ping, cannot locate machines on the network, just have a connection, period. If I log in from another outside network, using a variety of firewalls, I have no problem making the connections I need to make.
Steve//
nitindixit,
I was thinking about the persistent route, but had not gotten around to trying it yet. I’ve been tied up all day working on another problem, but hope to get that out of the way so I can get back to this, and will try the persistent route.
nerdking,
Please note that the same problem exists with the MUVPN client provided. We successfully use the MS client on those we allow to have access, simply because it is a lot easier for them to use that. At another site where the machines connect via VPN, and are connected from the time they are turned on to the time they are turned off, I use the MUVPN, again with great success. The latter case seems to be the type of client that MUVPN is programmed for, not the "I need to access my e-mail and some files, and then go off and do something else" type of user, where that user does not need a connection to the internal network except for short periods of time while they are in a hotel room or somewhere else.
Stevez:
Your problem essentially is due to difference between logging on to security gateway, for VPN connection, but not actually logging on to the remote Network. Some routers have ability to redirect a network logon to an external server, but will need to be setup to do this. Also VPN Client needs to have ability to process the second logon. Can also be done using Microsoft VPN service, and handling everything on Server rather than router, but this involves opening up firewall to allow VPN connection to the Server. Long time since I worked on this sort of thing, and am not familiar with either of the routers you are using, so can’t help much at a detail level.
PeterMac,
Please reread the post. I have no problem using VPN coming out of any other firewall, just this particular combination. Once I am connected, I can navigate to wherever I need by IP address or via name, if it is in the originating machine’s HOSTS file. When I try this particular combination, I cannot do anything on the network, and the problem seems to be a lack of a gateway assigned to the VPN connection.
Steve//