Hello,
We have XTM330 but spamblocker is not blocking spams on imap. I don't see setting of IMAP in Spamblocker. How do I do?
↧
IMAP and spamblocker WatchGuard XTM 330
↧
Watchguard BOVPN - FreeRdp access from Remote Site
Main Site XTM525. Remote Site XTM22W. - Configuration attached as a pdf.
I am using Devon-IT ThinClients that are booting from a USB drive. I have ThinStation 5.2 loaded onto the USB drive. These work great from the corporate office. When I try to connect from a remote site over a BOVPN I get a security protocol error.
To troubleshoot - The ThinClient can not run Linux Mint, but I booted it from a USB drive on a laptop and can successfully connect from the remote location to the same RDP gateway using FreeRdp from that OS.
I am wondering what packets from ThinStation build are not transmitting over the BOVPN. I am using an Any packet filter so theoretically everything should get through.
Any Ideas.
↧
↧
Suspicious User
We received a request to monitor the activity of a specific user. We can search his IP and see some information but I'd like more data. Can I sniff the packets and see what exactly was/is transferred instead of a general 'HTTP' transfer? If I generate a per client report , detail for his IP, nothing returns even with the date adjusted for a week.
↧
Watchguard M500 using 11.9.4 SPAM filter doesnt appear to be working well.
I have been using the XTM 5 and recently migrated over to M500, before the spam filter did well I see the message logs showing up that it is blocking spam and denial messages on the monitor. However setting these up again on the M500 box, I do not see these messages any more and now my organization is getting bombarded with spam.
Did something change between these devices? I am contemplating on getting the box patched up to 11.10 beta with the fixes I see listed on the release notes.
Is others having the same issue?
↧
Exclude certain domains from web logs?
I'm using the HTTP and HTTPs proxies to monitor web traffic. The logs go to our Dimension server.
Mostly this works well, but there are a few domains (update servers, google safebrowsing servers, etc) I want to exclude from the reports. They just clutter things up and make it hard to see the real problems.
Unfortunately, I can't find any way either on the firebox side or the dimensions side to exclude domains. The closest I've found is the "HTTP Proxy Exceptions" in the proxy configuration, but even though domains in there are exempt from the proxy's rules, all the traffic is still logged.
I thought perhaps I could have 2 HTTP proxy policies, one with logging and one without, but that won't work either - there's no default action for "continue to the next policy", it all has to be in one rule.
↧
↧
DMZ on optional interface
I am setting up a DMZ on one of the optional interfaces of our watchguard xtm330.
The DMZ will house (to begin with) a machine that hosts a web service that interfaces with a database on our trusted (back office) network.
The DMZ has the IP range of 20.x.x.x /24 and is connected to the optional interface 3 of our firebox
The back office network has a IP range of 10.x.x.x /24 and is connected to trusted interface 1 of our firebox
According to the articlehttp://www.watchguard.com/infocenter/editorial/135079.aspit shows to only allow the very necessary traffic from the DMZ to the trusted network.
The only port I need to access on the trusted network from the DMZ is 8150. I also do not want sessions to be able to be initiated from inside the DMZ to the trusted network.
How do I implement this? Any articles of similar configurations would be very...
↧
WatchGuard Firebox XTM 515 "tcp syn checking failed"
Fireware Version 11.9.5
Getting the following error and not sure what it is telling me, any help is appreciated. In the first line is it denying .187 to .125 ? I have a policy that allows tcp 2598 from 10.10.20.100-150 to 10.10.10.187 for my Citrix traffic, the user gets disconnected when this happens
2015-04-15 10:53:17 Deny 10.10.10.187 10.10.20.125 62917/tcp 2598 62917 1-External Firebox tcp syn checking failed (expecting SYN packet for new TCP connection, but received ACK, FIN,or RST instead). 61 127 (Internal Policy) proc_id="firewall" rc="101" msg_id="3000-0148" tcp_info="offset 5 A 1476272720 win 64513" Traffic
2015-04-15 11:00:50 sessiond Firewall user user@localdomain.com from 10.10.20.125 logged out id="3E00-0004" Event 2015-04-15 11:00:51 Deny 10.10.10.187 10.10.20.125 62979/tcp 2598 62979 1-External Firebox tcp syn checking...
↧
VOIP through Watchguard
Hello all,
My company is setting up a small satellite office for our accounting team. The accounting team needs an IP phone to connect to the main office. The phone is a Toshiba IP5631-SDL. I need it to communicate with the phone card in the office through a Watchguard XTM 515 Firebox.
How would I set this up?
I created a policy and SNAT to forward all traffic from my external IP to the internal IP address of the phone card. However it still wont connect.
It says Server not found.
Any help would be greatly appreciated.
↧
Watchguard XTM33 - How do I stop or prevent a brute force attack on my VPN?
I am NOT a firewall guru. So what is the best way to prevent or stop a brute force attack on my VPN?
On my file server I can see that I am getting hammered all night with attempted logon's coming from a couple of different IP addresses. How do I prevent this from happening?
Is there a feature built into my firewall that I just need to turn on or configure?
↧
↧
networking
I have an xtm515 router. i have port fwd setup and sso setup to authenticate with AD. I have a mail server as well. when i try to get to my mail server from outside the network;. it asks me to authenticate through sso instead of going straight through to the mail server from out side ..
please assist
↧
IGMP, linear IPTV and Watchguard XTM 22
Hello
I'm in the UK with TalkTalk Fibre as my ISP.
I have a BT Openreach VDSL modem, which connects via Ethernet into my Watchguard XTM22, which is then connected to a Draytek Vigor 2830n router.
I want to be able to watch TalkTalk's internet TV channels, which are provided using IGMP multicasting.
I have the Draytek set up correctly to do that - if I take the Watchguard out the loop (i.e. connect the Draytek straight to the VDSL modem), everything works ok including the IPTV channels. The Draytek has its IGMP proxy enabled, so does the hard work in managing the multiple devices on the LAN (including several set top boxes).
With the Watchguard connected, while the internet works, the IPTV channels are not accessible.
How do I set up the Watchguard to forward on IGMP packets to the Draytek? I've tried creating a rule which permits IGMP...
↧
Watchguard SSL VPN
I have a couple laptops that continue to have issues (and a lot more that do not) with the TAP driver associated with teh Watchguard mobile ssl vpn client
it seems to be related to the digital signature but i am not having luck remedying the issue
So far i have turned the UAC to off and downloaded the ver 9 tap driver from opnenvpn and no luck
Has anyone run into this and found a fix ?
↧
Watchguard exchange SSO client not working properly
I have a support ticket in with watchguard, but don't seem to be getting anywhere with that so far...maybe someone here knows how to fix this.
Using an XTM510, firmware version 1.9.5
I'm setting up the SSO agent - and most of it is working perfectly. The only thing I'm not seeing users for that I should is android (and possibly iphone, haven't checked yet) cell phones.
I have the exchange monitor setup and working. For testing I disabled all of the SSO methods except for exchange. On desktops running outlook, it worked perfectly.
The only difference I see between outlook and android clients is how the IIS logs show their username. For outlook, it's 'DOMAIN\username'. For phones, it's 'username@ourdomain.com' - their user principal name.
If I telnet to port 4136 on the exchange server, I see it sending responses for both desktop and phone...
↧
↧
Setting Up a Secondary WatchGuard Server in another Building
Hello,
My company recently purchased another building and we're trying to setup network in the new building as an extension of the original network. We currently have an external ISP and Antenna passing network connection from the original network to the new building. Ultimately, we will be completing a BOVPN for both building along with allowing traffic from the second Watchguard to go through the default gateway on the first Watchguard so that we only have one place to look for authenticated users. Additionally, we need to have the second Watchguard obtain IP addresses from our DHCP servers on our DC. Since we want the ability for VPN, I assume this setup must be a mixed routing config. We have are able to connect to the Firebox of the second system from the first Watchguard but when we connect a PC to the second Firebox, we are not...
↧
Internal traffic blocking
Dear all,
Please help me on this. I've one mail server inside our network with IP 192.168.1.36. While I'm trying to telnet with port 25 from other system i.e., telnet 192.168.1.36 25, it is not connecting with that server. Kindly reply your comments. Whether any internal traffic is blocking?
↧
Skype for Business and Watchguard Firewall settings
We just purchased Office 365 Business Premium and have deployed the Office programs and Skype for Business. But we are still using our in-house Exchange 2007 server for email.
I have been following the instructions here:
Step 1 is complete, and everyone can log into Skype, see others status, IM, share screens, etc. But I have a problem that I have been unable to overcome:
In the desktop Skype program under the Meeting tab, no users are seeing their meetings, and most users' status is not showing 'in a meeting' when they have meetings on their calendars.On an Android phone, connected to the office Wi-Fi, the Lync app shows no meetings, BUT if I turn off Wi-Fi or go to a different Wi-Fi network the meetings will appear.
So I made some...
↧
Having issues getting SQL through Watchguard Firewall
Hello everyone,
I inherited a watchguard firewall with a new client that wasn't properly configured to allow some of the services through that their cloud providers need. I am not very good with Firewall's but am a quick learner and thought I had this configured properly but still cannot get it to work.
I need a specific external IP address to be able to access SQL remotely. i setup SQL server (SQL Express) for network access through static port 1433, i have windows firewall currently disabled so it isn't a factor in the setup and i through i configured the SNAT rules and firewall policies to allow access. I tested this by copying the exact same options for web port with the same external IP limitations etc and it works perfectly. When i apply the same thought process to SQL port 1433 i cannot access it through a remote SQL Management...
↧
↧
Getting "Login Failure: Target account name is incorrect" only on VPN
So here is the situation:
Client laptop works on client site without issue. Connects to network, login scripts maps drives without issue.
Client has previously been setup with SSL VPN through Watchguard Firewall. Client would verify internet connection, open SSL VPN, and then run batch file to run login script and map drives.
Recently (approx 1 week now) Client can not connect to mapped drives when using VPN.
Two errors are occurring that at least are directly related it seems:
1. login script reports system error 1396 logon failure:The Target account name is incorrect.
2. when using \\servername; \\servername is not accessible. you might not have permission to use this network resource.
My confusion is why is this only happening when using the VPN. I would expect to see this error when logging on locally as well if there is an issue with the...
↧
WatchGuard Multi-WAN Configuration
I'm setting up a secondary External interface on our network to route traffic from a certain VLAN out exclusively. I'm a bit held up in the multi-wan options WG gives when you have two interfaces.
How have you guys set this up? Can I put the interfaces in failover mode AND route VLAN traffic on the secondary interface or am I in an either/or scenario? If I can't use failover, which multi-wan option would you use for this case? Hope you guys have some good ideas on how to accomplish this!
I have an XTM 525 and pro mode.
↧
Cannot get SIP traffic to work with Watchguard 515
I have an almost identical setup here at base, but when I set up customer's WG similarly I cannot make it work. Their rules are attached as screenshot:
↧