WatchGuard VPN w/ Domain & Network Drives Issues

We have been having issues sometimes with users connected to the WatchGuard VPN who can’t connect to the network drives, and/or Windows saying the domain isn’t available. I know at home when I’m connected to the VPN, I can’t connect to any network drives. I haven’t manually set the DNS or gateway on my router. What would cause these problems, and is there a fix that my network engineer can try?

Thanks in advance.

In the VPN configuration on your Watchguard in DNS Settings (advanced tab) make sure you’ve got “Assign these settings to mobile clients” selected and set your domain name and domain DNS servers there.

Try disabling IPv6 on the client.

Can you ping internal IP addresses when connected?

Make sure in the Firebox the SSL VPN settings are giving the clients the internal DNS server IPs.

Policy related? DNS allowed from sslvpn users?

Try using the OpenVPN client or reinstall. Sometimes the WatchGuard SSL client has some troubles.

In the VPN configuration on your Watchguard in DNS Settings (advanced tab) make sure you’ve got “Assign these settings to mobile clients” selected and set your domain name and domain DNS servers there.

I think we already have the domain name and domain DNS servers set in there. Once connected it shows the domain name and DNS IP in the VPN connection details.

Yes, I am. Works when mapping the network drives by IP address.

Gotcha, and what’ve you got set in the networking section related to allowed networks? For example we use “force all traffic through the tunnel”. If you’ve got something else selected like “specify allowed networks” make sure you’ve got the IP networks you want your VPN clients to access added.

You ever get this figured out?

Sounds like a DNS issue to me. Double-check the interface metric in the IPv4 settings on your VPN network adapter and set it to 1 instead of Auto.

This past weekend I tested the VPN with my guest Wi-Fi off and not just hidden. It seemed to work now. I am able to connect to the network drives through their names and also the domain controller.

Hmm, weird. My only other thought was (if you weren’t forcing all traffic through) to use the full resource name for access, like in RDP use computer.domain.tld

Glad it’s working for ya
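A read-only PowerShell check that gathers what the replies in this thread ask about (DNS servers and metric per adapter, IPv6 on the VPN adapter, short name vs. FQDN resolution, reachability by IP). It is an added example, not something posted by a participant; the adapter match string, host name, domain and IP address are placeholder assumptions to replace with your own.

```powershell
# Added diagnostic example. All parameter defaults are placeholders (assumptions).
param(
    [string]$VpnAdapterMatch = 'TAP',              # assumed text in the VPN adapter description
    [string]$ShortName       = 'fileserver',       # placeholder file server name
    [string]$Domain          = 'corp.example.com', # placeholder AD DNS domain
    [string]$ServerIp        = '10.0.0.10'         # placeholder internal IP of that server
)

$vpn = Get-NetAdapter |
    Where-Object { $_.Status -eq 'Up' -and $_.InterfaceDescription -match $VpnAdapterMatch } |
    Select-Object -First 1
if (-not $vpn) { throw "No connected adapter matching '$VpnAdapterMatch'. Connect the VPN first." }

# 1. Which adapter wins? Lower metric is preferred; compare the VPN adapter with home Wi-Fi/LAN.
Get-NetIPInterface -AddressFamily IPv4 -ConnectionState Connected | Sort-Object InterfaceMetric |
    ForEach-Object {
        [pscustomobject]@{
            Alias      = $_.InterfaceAlias
            Metric     = $_.InterfaceMetric
            AutoMetric = $_.AutomaticMetric
            DnsServers = (Get-DnsClientServerAddress -InterfaceIndex $_.ifIndex `
                            -AddressFamily IPv4).ServerAddresses -join ', '
        }
    } | Format-Table -AutoSize

# 2. Is IPv6 bound on the VPN adapter?
Get-NetAdapterBinding -Name $vpn.Name -ComponentID ms_tcpip6 | Format-Table Name, Enabled

# 3. Resolve the short name and the FQDN with the default resolver (DNS only, no LLMNR/NetBIOS).
$fqdn = "$ShortName.$Domain"
foreach ($name in $ShortName, $fqdn) {
    $a = Resolve-DnsName -Name $name -Type A -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' }
    '{0,-40} {1}' -f $name, $(if ($a) { $a.IPAddress -join ', ' } else { 'FAILED' })
}

# 4. Ask each DNS server assigned to the VPN adapter directly, including the DC locator record.
$vpnDns = (Get-DnsClientServerAddress -InterfaceIndex $vpn.ifIndex -AddressFamily IPv4).ServerAddresses
foreach ($server in $vpnDns) {
    $a   = Resolve-DnsName -Name $fqdn -Type A -Server $server -DnsOnly -ErrorAction SilentlyContinue
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -Server $server `
             -DnsOnly -ErrorAction SilentlyContinue
    '{0,-15} A record: {1,-6} DC SRV record: {2}' -f $server,
        $(if ($a) { 'ok' } else { 'FAILED' }), $(if ($srv) { 'ok' } else { 'FAILED' })
}

# 5. SMB by IP, to separate a routing/policy problem from a name resolution problem.
Test-NetConnection -ComputerName $ServerIp -Port 445 | Format-List ComputerName, TcpTestSucceeded
```

If step 4 succeeds but step 3 fails, the VPN DNS servers are fine and the client is asking a different adapter's DNS first, which is the case the interface metric suggestion addresses.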