Mikrotik VPN User
Dear WG Community,
Right now, my company is doing a POC for the Firebox T55.
The topology is like this:
Internet -- Mikrotik -- Firebox -- Internal Network
Everything seems OK, but when we connect to the VPN (the VPN server is on the Mikrotik),
it connects, but we can't access the internal network. It's blocked by the Firebox.
The question is: how do we pass the VPN connection from the Mikrotik through the Firebox?
Thank You
Answers
Hi @YosefR
You'll need to make inbound policies on the firewall. To the WatchGuard device, the Mikrotik VPN users are external (it looks like they're just coming from the internet.)
If you're using NAT on the WatchGuard, you'll need to make a 1-to-1 or Static NAT (SNAT), then add that to a policy. If you're not using NAT on the WatchGuard, you'll just need to make an inbound policy.
Here's a quick article that can get you started with Static NAT:
https://watchguardsupport.secure.force.com/publicKB?type=Article&SFDCID=kA10H000000g3K1SAI&lang=en_US
Thank you,
-James Carson
WatchGuard Customer Support
Whenever I have a non-bridgeable ISP device in front of a Firebox, I just add the Firebox's WAN IP to the ISP device's DMZ. SSLVPN works perfectly that way and all other inbound ports hit the Firebox.
Gregg Hill
Hi James Carson,
Thank you for your answer. I will try it tomorrow and post the result.
Hi @Greggmh123, thank you for your information. Noted.