f



(2) Watchguard SOHO 6tc's for site-to-site VPN- Possible?

I have two small offices with 2 users in each and I am using Verizon
DSL with Westel DSL modems at each.  Could I create a site-to-site VPN
using (2) SOHO 6tc's?  I plan to use the VPN for printing to a remote
printer.

Thank You
NH
0
nedhart (45)
10/29/2004 12:08:45 AM
comp.security.firewalls 10672 articles. 0 followers. dfinc1988 (97) is leader. Post Follow

2 Replies
452 Views

Similar Articles

[PageSpeed] 27

Ned Hart wrote:
> I have two small offices with 2 users in each and I am using Verizon
> DSL with Westel DSL modems at each.  Could I create a site-to-site VPN
> using (2) SOHO 6tc's?  I plan to use the VPN for printing to a remote
> printer.
> 
> Thank You
> NH

Yes.
E.
0
bellyup (45)
10/29/2004 10:03:20 AM
In article <4a251bdf.0410281608.d4a3a7a@posting.google.com>, 
nedhart@hotmail.com says...
> I have two small offices with 2 users in each and I am using Verizon
> DSL with Westel DSL modems at each.  Could I create a site-to-site VPN
> using (2) SOHO 6tc's?  I plan to use the VPN for printing to a remote
> printer.

Yes, but you need to make sure that both sides are in different subnets.

The SOHO6tc is a IPSec capable firewall - there are many papers on the 
WatchGuard site that explains how to do this.

-- 
-- 
spamfree999@rrohio.com
(Remove 999 to reply to me)
0
void2242 (451)
10/29/2004 10:33:47 AM
Reply:

Similar Artilces:

Site to site with one site's VPN router behind another router
I need to set up a site to site vpn and I am planning to use a Netgear FVS114 or similar at each end. However I have just found out that at one site I will need to put the FVS114 behind an existing firewall router which I don't have access to. The most I can expect is to get some ports forwarded to the FVS114. I haven't bought the units yet, but I have read the docs for the FVS114 and I can't see any reference to specifying a port in the address for the "other" end of a link. Can this be done? If it can't what options do I have? The firewall ...

PIX 7.x VPN Client and site to site VPN's
I read that version 7.x allows the PIX to route back over the same interface, unlike the previous versions. Am I understanding this correctly that with this feature I could now do this: Site A: Central Office, PIX running 7.x Site B: Remote Office, PIX connected to Site A via site to site VPN Client PC: connects to Site A from home internet connection via Cisco VPN client Would the client PC be able to establish a VPN connection to Site A, and actually be able to traverse over to Site B, all while Sites A and B have a site to site VPN running? If yes, does the PIX version/model matter at Site B(i.e. could a 501 handle this scenario if it was in place at Site B)? gkurcon wrote: > Would the client PC be able to establish a VPN connection to Site A, > and actually be able to traverse over to Site B, all while Sites A and > B have a site to site VPN running? You can with split-tunneling -- which I'm pretty sure is available in 6.X(X) as well. Just make sure to include site B's IP space in your config so that packets destined for its network get sent through the IPsec tunnel instead of out your default gateway. > If yes, does the PIX version/model matter at Site B(i.e. could a 501 > handle this scenario if it was in place at Site B)? In fact, it doesn't even matter what's on the other end of the site-to-site tunnel so long as hosts at site A can reach hosts at site B. For example, we have a PIX to SonicWall tunnel to one of our remot...

Site-to-site VPN between two PIX501's
I'm going to be setting up my first site-to-site vpn connection between two PIX501's. My understanding is that it may be as easy as running the vpn wizard in the pdm on each pix. But, I have a feeling that it might not be that easy. Can anyone give me any insight as to what I might encounter and should be prepared for? Best practices? ...

site-to-site vpn #2
show a sample configuration, there are two routers with two ISPs they set up a choice of providers in the fall of another, you need to connect 2 routers tunnel, in what way will be a choice on what sort of tunnel back to work, please give an example of working configuration. R1------------- isp1--------------R2 -------------isp2 -------------- "Slava" <1vasya1@gmail.com> wrote in message news:96d9a0ec-12fe-4495-ae8f-3847ed01d3d4@n6g2000vbg.googlegroups.com... > > show a sample configuration, there are two routers with two ISPs > they se...

site-2-site VPN
Hi everybody, I was asking about the S2S VPN lately, but have a bit different question now. What are the industry standards / best practices to securely connect two company branches? I was thinking of a VPN connection, but it does not allow one to connect two identical subnets e.g. 10.11.12.0/24 with 10.11.12.0/24. Is there a way to connect two offices via VPN and reduce or eliminate the possibility of subnet overlap? Thanks, AL ALeu schrieb: > I was asking about the S2S VPN lately, but have a bit different question > now. What are the industry standards / best practices to sec...

RE: Seeking Data Archiving (BACKUP) Suggestions (was: Re: VAX/VMS site) site)site) site) site)site)site) site)site) #2
-----Original Message----- From: Dave Froble [mailto:davef@tsoft-inc.com]=20 Sent: Thursday, August 17, 2006 12:23 AM To: Info-VAX@Mvb.Saic.Com Subject: Re: Seeking Data Archiving (BACKUP) Suggestions (was: Re: VAX/VMS site) site)site) site) site)site)site) site)site) Stanley F. Quayle wrote: > On 16 Aug 2006 at 14:42, Barry.Treahy@EmersonNetworkPower.com wrote: >> You might find the costs to migrate everything from the 4000/100 models >> to replacement CHARON 4000/108 emulated systems cost effect >=20 > Another CHARON-VAX possibility [Shameless Plug Alert (tm)] is to=20 ...

Match your Design site's data schema and SQL statement to Application site #2
Match your Design site's data schema and SQL statement to Application site between MSSQL 2000 , SQLServer 2005 , SQL Server 2005 EXPRESS Http://www.matchsql.com ...

PIX 501 VPN servers and VPN site to site
Hello I have 2 cisco PIX firewalls. Ihave VPN servers on both of PIX. How can i make VPN site to site this is mu config Office PIX Version 6.3(4) interface ethernet0 auto interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 hostname fwl1 names object-group service tcp_19 tcp description tcp ports for server on address 80.80.80.19 port-object eq www port-object eq https access-list outside_access_in permit icmp any any log access-list outside_access_in permit tcp any host 80.80.80.19 object-group tcp_19 access-list 101 permit ip 192.168.1.0 255.2...

Site to Site VPN Problem #2
X-No-Archive: yes Hi Have a site to site VP N problem The network servers are Microsoft windows server both 200 and 2003. AT one remote site using an ASA to ASA VPN clients could pick up email from an exchange server buy not send email. The site with the exchange server cold VNC to the machine that could not send email When one browsed the network one could see only local machines. The domain controller at the remote site had lots of id event 1311 in the directory log. Machines could not connect to an SQL server using active directory credentials but could get to a web site on the same machine. Change the remote site to A PIX 501 solved the problem Mugged config of remote site Thanks in advance for any help : Saved : ASA Version 7.2(2) ! hostname domain-name l enable password no names name 10.0.20.0 mainsite name 10.0.50.0 site a name 10.0.50.2 caffreys ! interface Vlan1 nameif inside security-level 100 ip address 10.0.50.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address aa.bb.nn.mm 255.255.255.248 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! passwd ftp mode passive dns server-group DefaultDNS domain-name object-group service std tcp port-object eq domain port-object eq ftp port-object eq ftp-data port-object eq www port-object eq http...

Site to Site VPN with Watchguard X700
Hello All! I am hoping you can clarify a point of confusion for me. If I want to connect two sites, do I need two Watchguard X700's or just one? Thanks! Jonathan Roberts wrote: > Hello All! > > I am hoping you can clarify a point of confusion for me. If I want to > connect two sites, do I need two Watchguard X700's or just one? > > Thanks! You will need two of something. If both sites are large enough for X700's then yes, two X700s would be good. If there is a main site with many users that requires the performance of an X700 and the ot...

Site to Site VPN with Watchguard X700
Hello All! I am hoping you can clarify a point of confusion for me. If I want to connect two sites, do I need two Watchguard X700's or just one? Thanks! In article <fcbad9f3.0410250803.3e160c89@posting.google.com>, gremln007 @gmail.com says... > Hello All! > > I am hoping you can clarify a point of confusion for me. If I want to > connect two sites, do I need two Watchguard X700's or just one? You can use anything that does IPSec tunnels - such as Linksys or D-Link or you can purchase another WatchGuard. -- -- spamfree999@rrohio.com (Remove 999 to reply to me) On 2004-10-25 12:03:37 -0400, gremln007@gmail.com (Jonathan Roberts) said: > Hello All! > > I am hoping you can clarify a point of confusion for me. If I want to > connect two sites, do I need two Watchguard X700's or just one? > > Thanks! In theory you could use an IPSec-compatible device, but you are probably best served purchasing another WatchGuard device. However, a Firebox X Edge device (next-generation SOHO) might be more applicable than an X700 if one of the locations is smaller than the other (such as a branch office). HTH. -- Scott Lowe In article <2ub33eF28lcelU1@uni-berlin.de>, me@privacy.net says... > On 2004-10-25 12:03:37 -0400, gremln007@gmail.com (Jonathan Roberts) said: > > > Hello All! > > > > I am hoping you can clarify a point of confusion for me. If I want to > > connect two sites, do I...

Is a site to site VPN in this scenario possible?
We have 5-6 users who are operating out of another company's office, and I want to create a site-to-site VPN tunnel from that location's PIX 515 DMZ to the outside interface on our local PIX 515. Is this scenario possible? Thanks for any and all replies. "tical" <frishack@gmail.com> wrote in message news:c5d9adb0-813f-4204-86a2-1d5f3e2c2baa@s20g2000yqd.googlegroups.com... > We have 5-6 users who are operating out of another company's office, > and I want to create a site-to-site VPN tunnel from that location's > PIX 515 DMZ to the outside in...

WatchGuard Firebox and site-to-site VPN
I figured I would ask first, before tweaking configurations and breaking things. I've got a main office with a WatchGuard Firebox X5500e firewall. I have many remote/branch sites with smaller Fireboxes, usually X10's or X20's. We have hardware VPNs established from the remote/branch to the main office. The problem I am faced with is this: From remote/branch site A, I want to access a resource at remote/branch site B (or C or D or etc.). At present, I cannot do this. I have been using RDP to get onto a server at the main office, and from there I can access the resource at the other remote/branch office. Thanks for your help. In article <1187900575.047444.251340@x40g2000prg.googlegroups.com>, toakes@gmail.com says... > I figured I would ask first, before tweaking configurations and > breaking things. > I've got a main office with a WatchGuard Firebox X5500e firewall. I > have many remote/branch sites with smaller Fireboxes, usually X10's or > X20's. We have hardware VPNs established from the remote/branch to the > main office. > The problem I am faced with is this: From remote/branch site A, I want > to access a resource at remote/branch site B (or C or D or etc.). At > present, I cannot do this. I have been using RDP to get onto a server > at the main office, and from there I can access the resource at the > other remote/branch office. > > Thanks for your help. There is no good way to do it - you can cr...

site to site vpn #2 481678
Hello all, We are currently terminating vpn connections from client sites in our dmz area and then letting their traffic pass through our firewall. The circuits and routers that the vpns terminate on are owned by the clients and are located at our facility. We are currently using the 10.0.0.0 address space and so are some of our clients. I can forsee a time when we might have a problem with this if a client has a host at 10.0.0.1 and if we have a host at 10.0.0.1 and we try to connect to the client's host our router will think the host is on the local subnet and not route the packet to the...

Site to Site VPN #2 86105
Hello i need some help about configuration CISCO 1812. We have established VPN between main office A and branch office B. And now all the traffic is secured. But I need on side A to establish that clients from B can get only to one server and not all LAN. Is this possible with Cisco 1812. Thanks B I suppose you must be using some access-list on VPN configuration and you need to only allow te ip/server ip you want to on access-list else drop. On Apr 1, 3:19 pm, boris.ko...@gmail.com wrote: > Hello i need some help about configuration CISCO 1812. > We have established VPN between main office A and branch office B. > And now all the traffic is secured. But I need on side A to establish > that clients from B can get only to one server and not all LAN. > > Is this possible with Cisco 1812. > > Thanks > > B Thanks for replay. I tought to that I need to do in ACL list but it doesn't work. description Tunnel to xy set peer 217.16.87.246 set security-association lifetime seconds 86400 set transform-set ESP-3DES-SHA1 ESP-3DES-SHA match address 108 access-list 108 remark IPSec Rule access-list 108 permit ip 10.0.0.0 0.0.0.255 10.98.0.0 0.0.255.255 Can you write how to drop it. I need only permisson to server with IP 10.0.0.4 B On Apr 2, 8:18 am, "CK" <chetan.ka...@gmail.com> wrote: > I suppose you must be using some access-list on VPN configuration and > you need to only allow te ip/server ip you want t...

Site 2 Site VPN support WINS?
Currently, I have Cisco 506e PIX and a Linksys VPN end-point router connected. I have NetBIOS Broadcast enabled on the Linksys, but not able to use "\\workstation1" to access remote computer. But if I use the actually IP address of that workstation, it is ok ("\\192.168.1.100"). Does WINS work on a site-to-site VPN setup? In article <n2lve1hibkn767vnd28mvjvadal09veaik@4ax.com>, Latest News <for_latest_news att hotmail dott com> wrote: :Currently, I have Cisco 506e PIX and a Linksys VPN end-point router :connected. I have NetBIOS Broadcast enabled on the Links...

site to site VPN CISCO PIX #2
I use a VPN site to site, PIX 515 to PIX 501. The access is 2 ways. Could I configure a priority through tunnel? I want to permit the access only PIX 515 to PIX 501 and deny for PIX 501 to 515. I used crypto map outside_map client configuration address initiate --for PIX 515 crypto map outside_map client configuration address respond --for PIX 501 But I have access in two ways !!! Could I use a command crypto ? Thank you ! silviumed In article <1146524343.471393.228570@v46g2000cwv.googlegroups.com>, <silviumed@gmail.com> wrote: >I use a VPN site to site, PIX 515 to PIX 50...

site to site vpn with internal NAT #2
Hello. I have a PIX 501. inside network = 192.168.1.0 255.255.255.0. I need to create a site to site IPSEC VPN through the external interface. on the remote side, there's already a LAN with 192.168.1.0, so they asked me to configure an internal NAT in my system so that when my 192.168.1.101 tries to contact a peer on the remote side, he will be identified as 192.168.48.49. Is this possible? if so - how? Thanks. In article <1131656242.987765.16140@g43g2000cwa.googlegroups.com>, Meni <meni.milstein@gmail.com> wrote: :I have a PIX 501. :inside network = 192.168.1.0 255.255.25...

where is S.Schweda's OpenVMS-ports web-site? #2
From: joukj <joukj@hrem.nano.tudelft.nl> > Today I tried to get some of the softwere Steven Schweda ported to > OpenVMS. Howver, the usual link > http://antinode.org/dec/sw/bzip2.html > gave me an "angry alligator" telling me the page does not exist. > Where can Stenn's stuff been found? From: "Martin Vorlaender" <mv@pdv-systeme.de> > http://antinode.info/dec/sw/bzip2.html Annoying domain registration problems. Everything's at antinode.info now. Search engines should be figuring it out soon. --------------------------------...

Can't load Citibank's secure web-sites
Hi, I have three computer at home - all connected to the same Linksys router/firewall. One have wire connection and two - wireless. One wireless computer does not seem to be able to connect to any of CitiBank sites, while others have no problem. Sites of other banks (for example, Chase Online) work normally. This defiant computer is Win'98SE system with the latest version of Internet Explorer and Netscape Navigator that do support 128-bit encryption. It also has Norton Internet Security 2003, however, the problem persists even when NIS is disabled. I did not find any places where Citi domains are blocked. My wireless network currently do not have WEP enabled. Any advice on further troubleshooting? TIA, Eugene ------------------- PS. Was originally posted on comp.security.firewalls under with a different subject, but got no responses. I've found LinkSys support to be excellent. http://www.linksys.com/contact/contact.asp Please let us know how it goes. I'm curious about your problem. -- Gary S. Terhune MS MVP Shell/User http://www.grystmill.com/articles/cleanboot.htm http://www.grystmill.com/articles/security.htm "Eugene F." <pm771.am@gmail.com> wrote in message news:1111330358.637869.143350@f14g2000cwb.googlegroups.com... > Hi, > > I have three computer at home - all connected to the same Linksys > router/firewall. One have wire connection and two - wireless. > > One wireless computer does not seem to be able to co...

Can't relogin to site
Rather than me explain the problem, read this exchange of emails between my web host and myself, then tell me what I can tell them! I had a problem with their admin site all day, and after me saying "can't log in", and them saying "nothing wrong", I sent the following: ------------------------------------------------------ > Found it! Tried it with 3 browsers now (IE, Opera, Firefox), and the > result is that I've just discovered a problem with your site... > It sets a cookie, PHPSESSID, with a value. If I get timed out or log out, > I cannot log i...

setting up site-2-site with PIX 506e VPN Wizard
Hi All: looking for an introduction on setting up a site-to-site vpn between two PIX 506e using the wizard. Pix 1 has inside IF 192.168.0/24 Pix 2 has inside IF 192.168.1/24 I want to enable 192.168.0.10 to connect to 192.168.1.15 I tried to step through the wizard, but am stuck at what to configure for the remote IPSec Traffic Selector. If I select the inside IF of PIX 2 and enter 192.168.1.15 as the termination point, I'm prompted to provide a static route. Am I setting it up correctly up to that point? If so, what IP/IF would I want to specify for the route? TIA cisco wrote:...

2 simultaneous site to site VPN tunnels with 3 PIX
I have been having a tough time setting up 3 PIX devices so that all 3 have 2 tunnels to the other 2. I can only get one to keep both tunnels open, making a chain instead of a fully connected triangle. When I managed to bring up the 2nd tunnel on another, it broke the 1st tunnel, leaving me in the same situation. The config for all 3 is nearly identical, so variations in behavior are especially perplexing. 2 are using 6.3(5) and 1 on 6.3(3). Any suggestions would be appreciated. access-list 100 permit ip 192.168.1.0 255.255.255.0 192.168.11.0 255.255.255.0 access-list 100 permit ip 192.16...

PIX VPN Problem (EZvpn and Site-2-Site in parallel)
Hello, I shall establish a EZvpn and a site-2-site VPN config on a single PIX. Sounds straight forward and not to difficult. Yes, but ? Both part on their own work just fine. When I run the EZvpn part and then add the site-2-site part I never get a proper ISAKMP releationship as you can see from the two show outputs at the very end. Below you see the configuration I use. There must be something wrong with the order of operation for the authentication of the site-2-site connection. Any help is greatly appreciated. Roland Configuration extract: ---------------------- crypto ipsec transf...

Web resources about - (2) Watchguard SOHO 6tc's for site-to-site VPN- Possible? - comp.security.firewalls

How To Stop Creepy Ads From Following You From Site To Site
Firefox is considering adding a "do not track" feature, but Internet Explorer 8 already has one.

[技术分享]小谈 TMG 建立 IPsec Site-to-Site VPN - 微软大中华区安全博客 - 比特博客
TMG作为微软的网关产品可以和其他产品建立Site-to-Site VPN,这样可以让两端防火墙后面的指定资源实现互访。而IPsec VPN是当前比较流行的VPN,又可以和其他设备兼容。在配置过程中,不少客户遇 ..

Resources last updated: 3/13/2016 6:20:11 AM