Guest
Posted: Mon Jan 17, 2005 6:14 pm
Post subject: Watchguard 6ct and SBS 2000

I have a sbs2000 for a client that we recently got a 6ct for. A few issues...
They have 2 offices. Main one is on a SDSL line and the other is on a
cable connection. The users at the cable one are not technically
inclined. I had them running a PPTP VPN to the main office and then
running a TS session to a TS that they worked off of. All good!
But the Cable line is unstable, and they complain / do not want to have
to redial the VPN connection when it is dropped by the PPTP due to
issues. So I figured a Site to Site VPN would be good, as it would
allow the devices to reattach whenever the line goes down, with no
interaction on their end (other than reopening a TS session).
So...I get the 6ct after my CDW rep told me that they will support the
Site to Site, as well as allowing the passthrough of PPTP - so I need
not reconfigure all other users (like myself when I VPN to them).
Ok - enough background...
We have 5 usable static IPs. I set the 6ct External interface up with
the ISP's assistance and can go outbound fine. I tested sending email
(through the SBS server (Exchange/ISA)) and it was received OK by an outside
address. However, the inbound email is not working. Network is as
follows:
65..49 (External Gtway)
65..50 (external IP)
65..51 (External Email - assigned as such by ISP) and I have .52 and
.53 available
192.168.1.1 (Internal 6ct)
192.168.1.2 (External ISA)
192.168.0.x (internal ISA)
So I created the following routes:
Routing Table
Destination    Gateway        Genmask            Iface
65.x.x.48      69.x.x.50      255.255.255.248    eth0 (external)
192.168.1.0    192.168.1.1    255.255.255.0      eth1 (trusted)
192.168.1.2    192.168.1.2    255.255.255.255    eth1 (trusted)
192.168.0.0    192.168.1.2    255.255.255.0      eth1 (trusted)
65.x.x.51      192.168.1.2    255.255.255.255    eth1 (trusted)
192.168.1.1    192.168.1.1    255.255.255.255    eth1 (trusted)
192.168.1.0    192.168.1.1    255.255.255.255    eth1 (trusted)
0.0.0.0        65.x.x.49      0.0.0.0            eth0 (external)
For some reason inbound email is not passing thru to the 192.168.0.1
address?
Also I configured rules to allow PPTP to pass thru and it is not
either. ?????
Did I totally screw up this configuration?
Additionally, I noticed in posts by Jeff and others that Site to Site
does not work as the end point is outside the ISA. Could I not have a
route that allows the traffic to pass to the ISA server and it will
allow it on thru? Just seems like this was a waste if that is the case.