Firebox Cloud on AWS Client VPN

Anyone running Firebox Cloud in AWS and using it for Client VPN?
Setup two now and no VPN method will connect, getting SYN checking failed. I can disable this, but still get an error and no connection.

I think it's because the public (elastic) IP differs from the private IP set on the Firebox's external interface. But WG support don't seem to think it's an issue.

Anyone have it running successfully?

Thanks, Adam


  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    The Firebox uses whatever IP (or FQDN) you populate in the SSLVPN and IKEv2 VPNs to generate the profile -- this can be completely different from what your IP actually is, so as long as that traffic is making it to the firewall, it shouldn't matter.

    Syn checking in your logs suggests that traffic is either being dropped or received out of order in route to your firewall -- that's likely where your problem lies. You can use the TCPDUMP utility in the diagnostic tasks area of your firewall to check if all of the traffic your VPN client is sending is actually making it to the firewall.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.