Hi Guys,
I have three external lan, i want to let default traffic through to Wan1 & Wan2 with Round robin mode, and then let some server's service and special site through to Wan3.
And then Wan1 or Wan2 Fail, it is need to failover.
I do not know how to do better, have anyone can give me some Suggest?
I need to add new Wan Network(300/100M) and remove WLB Device(100/30M), use New Wan 3 replaces Wan 1.
My plan is add new Wan Network interface, and then modify existing policy rule(outgoing), change policy based routing W1 to W3.
Policy 45, PBR is 5,in order to change new Wan Network, i had modify PBR to 4.
orig policy 45:
New policy 45:
In genera, client can browser e-learning website, but it's fail, and i can't see any traffic in the traffic monitor.
I try to add new policy, use TCP-UDP Packet Filter to replace existing policy type(Permit LAN Out Port), i can browser e-learning website, and i can see https/tcp 443 traffic in the traffic monitor.
Why?I just use exsiting policy rule, and then change PBR to new WAN Network, why does it not work?
Hello,
If i use rapid deploy quick start it will download a configuration from Watchguard.
My question is if i reset Watchguard it will download automatically the configuration from Watchguard or will be a clean configuration?
Hi to ALL,
i have a problem with a Videoconference Polycom.
Between local ip it work properly, but if i use static NAT i can call and see the people on the other side.They see me perfectly btu they do not hear me.
My policy is H323 proxy with this port:
389 TCP
1503 TCP
1718 UDP
1719 UDP
1720 TCP
1731 TCP
3603 TCP
3230-3241 TCP
3230-3291 UDP
Have i miss something?I don't know why doesn't work?
Any suggestions?
Thanks
So I'm struggling with deploying this client when a user is already connected to the VPN.
Some background:
- Only admins have administrative rights to install anything
- We have recently updated our Firebox stack to 12.1 which is prompting some users to update their clients which means they have to open a help ticket
- If a user gets logged out of the VPN for the install and it fails we are unable to help
What's the best way around this? Ideally, I do not want to give users admin rights. Does the WG do an automatic update?
Hi,
I am using WatchGuard M300 and we have setup a BOVPN tunnel to a vendor from our internet network.
Say one of the IPs of vendor added to the tunnel is 10.10.10.1.
We have multiple SQL packages using this IP and now we are planning on changing the vendor. The pain here is we manually have to change all the SQL packages (700) IPs to match with the new IP.
I am thinking if we can create a SNAT policy to the new IP (192.168.0.1) we dont have to change any thing on the packages.
For eg: From our internal network (192.168.100.5) to 10.10.10.1 (IP in the sql packages) to 192.168.0.1 (New IP)
Is there any possible way to achieve this.
Thanks in Advance
Rahul
Hey folks
I have our M400 handling SMTP in.out traffic through the SMTP proxy, and it utilizes the Spamblocker service. The router is logging to a Dimension server (but managed by a WSM server). For SMTP, it is (should be, as I configured it) logging pretty much all mail, allowed or denied..
Does anyone know if there is any good way to filter out "allowed" email and just find mails that were turned back? I can get all sorts of stats and graphs saying "this many emails turned away" but seemingly no good detailed info beyond that, if I click on the SPAM reports tab in Dimension. Likewise, I can get a huge list of all mail traffic if I click on the SMTP proxy reports, but it doesn't say whether it was allowed or denied.
TBH I find this to be an issue with WG's logs. I love these routers and all the info I can log, but it seems to me...
Im getting debug message on Watchguard log.
Is this critical or can affect the firewall connectivity?
how can i rid of this debug message?
thanks in advance
When a non domain PC connects to the VPN it cannot access anything on the LAN. I've tried using IP and name to ping, remote desktop, file shares ect... But when a domain PC connects to the same VPN and same login it can go everywhere. Can ping, remote desktop, file shares everything. I am at a lose of what setting may be wrong or missing. Could someone point me in the write direction.
Thanks
Hi Guys, We are experiencing an issue we think on our firewall (WG M200).
the issue sometimes, we will be disconnected to the internet, but when we check our firewall status, it is online/active, when we direct our ISP connection to a laptop it is working, we return back the ISP connection to our firewall then hard restart the firewall, then the connection will resume. when i check the fault report in the web interface, it says userspace crash.
what might be the problem and what is the possible solution on it?
Thank you and have a good one.
PS. we have little experience on this firewall.
Do SSL clients can use static IP when the VPN connection is established ?
When using distributed VPN from one country to HQ in another country, the first country is blocked from streaming local video, since Internet is in different country. Is there any work around?
Hello
i have a T35 watchguard firebox that i am having issues with, it works perfectly fine fore a few hours but then gives me authentication issues with the ppoe
it is directly conencted to our standard Eircom F2000 router that is in bridge mode, but after a few hours the internet drops and i get these authentication issues
all help appreciated
thanksv
Hi to All Spicemasters!
Good day.
I have encountered a problem with my WatchGuard Firewall. We have one application where the form is embedded on my web server using iframe. To access it outside I created a SNAT configuration to the external interface of the Firebox Firewall. The problem when I browse the web server link I can only access it inside my Firewall. But when I try to access it outside I cannot. I tried to check if my firewall is the issue but when i tested with the web server I can access the wamp page. I am confused as to what is causing my problem. Below are the screenshots and the details.
This is the iframe mebeded on my website I created in my web server.
Here is the output of the webserver when accessing outside my firewall.
But when I try to access the web server only I can see it outside the firewall. I am confused what...
Hi Guys,
I blocked the personal gmail access on XTM 850. i was successfully blocked the personal gmail account and allowed the company email only. The problem was, im trying to login with personal gmail account in hangouts but it's also blocking the personal gmail in google apps. I already added the X-GoogApps-Allowed-Domains in HTTP- Header but still no luck? any tips guys? THANKS IN ADVANCE. Here's the error on hangout login page.
Hi,
I cant seem to find out what port or how to download the Watchguard SSL VPN client from the Watchguard device. As per the instructions it should be on one of the below but its not. Is there anywhere within the web interface to determine where the client can be downloaded from?
Windows 10 upates are hogging the bandwith through our Watchguard M400
Without going into "use WSUS" is there a way to limit the bandwidth in the Watchguard unit for windows downloads.
I am in a bad spot. The DNS will not work at any of our branches. It does not matter what dns server we use, all lookups fail. We can ping the DNS server or any other ip address. From the corporate offices I can use DNS and I can get to all of the offices. We are using Watchguard T-30's that run a BOVPN back to corporate where we have a clustered pair of Watchguard M400's. We have VOIP phones at the offices and those are going down once they are refreshed. I am at wits end. We did have some upadates from microsoft last night, but that would not affect the T-30's or the Polycom phones. Also we use all the same pc's in the branches and at corporate.
Any ideas would be greatly appreciated.
Does anyone have experience setting up Google Cloud Printing services on a Watchguard? I didnt think there was much configuration needed but the job goes out, but not to the printer.