Options

Configured BOVPN and now cannot access firebox IP

Willsmyth00Willsmyth00
in Firebox - VPN Branch Office

Firebox M270 running 12.8
I had to reconfigure my M270 after messing up the config. Initial setup in place and external internet access working. Port 0 - Lan, Port 1 static IP to leased line. I tried to reconfigure my BOVPN and was getting a message "no matching tunnel route for peer proposed". BOVPN still reporting the error. A few minutes later the firebox dropped off system manager and can no longer be accessed via IP (or pinged). External internet still up and running.
I have tried resetting the firebox and setting it up a 2nd time and got exactly the same issue as soon as I add the BOVPN. (confident that my BOVPN settings are correct as remote end was not touched.)
Any help would be greatly appreciated.

Comments

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Willsmyth00

    It's most likely that the rule governing access to the firewall isn't being matched anymore (either due to being changed or for some other reason) or your IP changed to one the firewall is not expecting.

    If you changed the IP addresses on the interface that you're working with, check to see that you're now on the one you expect.

    If the policy was modified, you can change it via the console port.

    (Use the Console Port to Regain Administrative Access to a Firebox)
    https://techsearch.watchguard.com/KB/WGKnowledgeBase?lang=en_US&SFDCID=kA2F00000000L52KAE&type=KBArticle

    If you're not sure what happened, resetting the firewall may be the best option:
    (Reset a Firebox)
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/backup_upgrade_recovery/recovery_procedures_c.html

    -James Carson
    WatchGuard Customer Support

  • Options
    Bruce_BriggsBruce_Briggs

    If using WSM Policy Manager to do changes, then the last config is saved to disk.
    In Policy Manager -> File -> Save -> select "Always create a backup" to have a date/time stamped copy of the config save to disk.
    This way you can easily revert to a previous config.

    Using the Web UI, it is a manual process to save a config: System -> Configuration File -> Download the Configuration File

    If you firewall is managed by Dimension, then recent configs will be shown in Dimension, which can be restored.

Sign In to comment.