Good morning MSUNAG,

I have a professor using an older Watchguard Mobile VPN Client (ver. 10.10) to try to reach back to his law firm's computers to access files.  We're seeing some odd behavior that we don't see with other VPN clients from other vendors, so I thought I'd ask if anyone has seen something like this.

The client is 32-bit, installed on Windows 7 64-bit, which I've been assured by their technical support isn't an issue.  We've tried this with the Windows firewall turned off and on, and the results are the same either way.  Antivirus software is told to ignore the VPN application.

When we watch the logs in real time, the VPN client authenticates to the remote VPN firewall, builds the tunnel, gets IP and DNS address information for the tunnel and the VPN interface, and says it's connected.  Despite what looks like a clean tunnel, we can't see anything on the other side: we can't connect to their remote hosts, and we can't even ping the firewall and DNS server that the client is connected to.  When I watch the traffic go down the tunnel in verbose mode, I can see the first two steps of the SYN, ACK traffic, but the third part of the handshake never happens.  On the far side, their admins can see this connection come up, and see the tunnel is connected and appears to be error free.

At the Law College side of things, the PC running the VPN client is in the highest security zone, so according to our internal network firewall rules, it has permission to open any stateful connection for inbound or outbound traffic.

So, I'm stumped.  Any of the security gurus who monitor this list, am I missing something grossly obvious? Any suggestions or advice would be appreciated.

John Resotko
Assistant Director, Systems Administration and Support
Michigan State University College of Law
648 N. Shaw Lane, Room 208 Law Building
East Lansing, MI 48842-1300

phone: 517-432-6836
fax: 517-432-6861
web: http://www.law.msu.edu/