How - Setup Wingate for Netscreen VPN Client

[KevinMagee]

I have a Netscreen VPN Client on my Wingate Server machine on my home lan and a Netscreen VPN Client on one of the other machines on the Lan.

I can connect to the corporate network from the Wingate Server machine.

But I can't connect from the other machine. I know the VPN Client works on the other machine. I can connect to the internet from the other machine.

How do I set up Wingate so that it can act as a VPN Proxy Server?

Should say that I can ping the corporate server and seem to get a positive connect message from the VPN Client software. Just when I try to do anything like log on to Corporate Microsoft Exchange and search for a one of the Corporate Nework computer I don't get a response.

Thanks for any help/suggestions ...

[Pascal]

I'm not familiar with the product - and could find only hardware devices on a quick Google search.

However, it sounds as if a data channel is not passing through the firewall. Check the firewall tab in WinGate to see if anything is being blocked (Or potentially, use a packet capturing tool like ComView to see what traffic the machine generates when attempt to connect to Corporate Exchange)

Those might give you indications of what to do.

[KevinMagee]

Thanks for taking a look. Netscreen is a hardware device. The lap-top I'm using has a software client that connects to the NetScreen box at the office. I can see that this is happening.

I have turned off the firewall in Wingate - still can't get through

I've loaded CommView and looked at what is happening - seems that I can ping the Netscreen box in the office, but don't seem to be able to do much more. What should I see?

is there any other things I can do? I turned off the firewall by clicking on the Disable Wingate Firewall.

[Pascal]

First: turn the firewall back on. (Unless you know you're safe and secure)

[Pascal]

Okay. Did the Client Software come with any documentation, etc.? Is there any indication of which configuration changes are required when running behind a firewall / nat device?

Does it make a difference if you run it on the WinGate machine and if you run it on the client behind WinGate?

[KevinMagee]

Pascal

I have checked again. I seem to have a tunnel through to the corporate network using shared keys. I can get this on the client PC, and on the Wingate PC! I definitely have a tunnel from the client via the Wingate PC through to corporate.

But I can't get any further. If I search for known computers on the corporate lan I can't fine them. If I start Microsoft Outlook it can't find the corporate exchange server. Yet I can do this with a direct connection from the Client PC to the internet (via dial-up for example) . Any further suggestions. I'll see if I can find any further documentation .. there is nothing in the help file on the Netscreen Client app.

I do have another Proxy Server and another Firewall on the Wingate PC - I have turned both of these off while trying to connect.

[bk]

I have a VPN for work that I use from home. I want to use it from any pc on my network, not just the one that I have a modem attached to. I have installed WinGate, etc, and everything works well except the VPN client. The VPN client is able to establish a connection thru WinGate, but as soon as tunneling has commenced the connection is aborted - I too resorted to turning off the firewall, but no luck (yes, have since turned it back on). The log of the VPN client shows that everything is going well until the tunnel is established, then reports that it has simply been disconnected.

The only thing that I have noticed in addition to the guy before me is that the client machine is assigned a new ip address by the work network just before tunneling begins - could this have something to do with it. When the firewall is on it doesn't like the new ip address (doesn't say why, just says blocked)

[Pascal]

I seem to have a tunnel through to the corporate network using shared keys. I can get this on the client PC, and on the Wingate PC! I definitely have a tunnel from the client via the Wingate PC through to corporate.

If the tunnel is properly established, etc. then you should be able to reach everything. (I.e. it sounds as if WinGate is functioning properly)

However, when you do certain things it seems as if the data traffic is being blocked. (By a firewall / something inbetween you and the server). The difficult thing would be to try and track that down - find out what / where.

The best suggestion I can make at this point would be to (a) try and reach NetScreen's techsupport to see if they know of any ports that must be forwarded and (b) to enable logging for every firewall device inbetween you and the office network. Then, check the logfiles for the appropriate IP addresses to see where the traffic is being blocked.

[Pascal]

tunneling begins - could this have something to do with it. When the firewall is on it doesn't like the new ip address (doesn't say why, just says blocked)

The WinGate firewall reports it as blocked? That would be because it came up against a blocked port as per the Port Security Actions (Extended Networking).

Check the IP Address - it might be necessary to specify the adapter type for it when you are connected. (Networking pane - under the assumption you are using WinGate v6.x)