Fireware v12.2 was released July 30th, but it's not for the XTM models. Improvements for the XTM should still be coming in future 12.1.x releases.
Gregg
Fireware v12.2 released July 30th, not for XTM models
WatchGuard VPN
We have several developers that dial in remotely from home using their home PCs. To help protect the company's servers & data, it has been decided that we will provide a free license to the anti-virus software that the company uses.
But it has been asked: is there a way to configure the firewall to block the VPN connection if the software is not installed?
WatchGuard Cloud’s MFA Service, AuthPoint, is now Available

Last week, we announced the release of AuthPoint, WatchGuard’s new cloud-managed multi-factor authentication (MFA). The service relies on WatchGuard’s AuthPoint mobile app, which shows users who is trying to authenticate, on which application, and from where, so you can approve or deny access to your accounts straight from a smartphone.
All AuthPoint management is done through the cloud, enabling users to log in, activate licenses and manage deployments from a single interface. This cloud MFA management platform allows companies to scale their security with their growing business. Its multi-tier, multi-tenant setup also streamlines deployment and management for VARs and MSSPs that want to offer managed authentication services to their customers.
For anyone interested in learning more about AuthPoint, additional details can be found here!
Fireware 12.2.1 beta has started. NOT for XTM devices!
The Fireware 12.2.1 beta has started, but it is NOT for XTM devices!
Fireware 12.2 GA release went public a few days ago, too, and it also is not for XTM devices.
Gregg
Watchguard authentication gateway and Samba4 DC
Hi guys, does someone here have a samba4 DC and was able to connect the WG auth gateway to it? I'm trying and got an invalid user name error.
I double checked user, pass, port and server. Maybe some line in smb.conf, but at this point I have no clue.
Could you help me?
watchguard ap100
Hi all, new here.
I've acquired a couple of APs... AP100 to be precise.
I've reset them to factory and plugged them into the router and nothing.
My router IP is 192.168.1.1 and so is my AP100, but the internal settings are set to DHCP...
All I see in the AP100 settings is
Gateway Wireless Controller:
Not Configured
.
How do I configure that? I don't see any more settings.
Watchguard Policy - Office 365
Hi All
We have recently moved to O365 for our email hosting. I'm finding that when our internet is under load, users' Office products suffer with constant white screens (specifically Outlook browsing shared mailboxes). I've tested with a manual policy to bypass all rules and priorities from my PC and it makes the system run much better.
I'm thinking I need to use the Traffic Management to assign a minimum bandwidth to Office or there is something I need to do in the policy manager.
So first question - Is there anything specific in the policy manager that is recommended to ensure smooth operation in O365? We have for each of our HTTP and HTTPS policies the application control allow for Office 365. I tried the massive whitelist for Office, but it just bogged the policy manager down.
Second question - If I wanted to put a policy for HTTP/HTTPS...
Unhandled external packet with external SMTP
I have this problem that seems to have arisen out of nowhere. The watchguard has been working fine for years until recently. One user cannot with his mobile phone (windows phone) send mail anymore from his phone when he is on an external network. This is the log error:
2018-08-14 18:20:24 Deny xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx 37475 587 0-External Firebox Denied 52 123 (Unhandled External Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148" tcp_info="offset 8 S 1075709303 win 8192" geo_src="FIN"
I've seen this asked many questions too but I haven't found a solution anywhere, the most common answer is to check firewall - default packet handling but there the "Auto-block source of packets not handled" option is already unchecked...
I am wondering if the fault lies in the email software or the provider network, given that the issue started...
Watchguard T35W - bridge
Checked out a T35 W for a friend of mine. Device has BSS and is working well...but, WiFi clients get no internet from an SSID on a bridge. DHCP/DNS/Gateway is another (Windows Server) on the sub-net. Devices connect, no internet (yes they get an IP).
There is a WiFi hotspot in the device where DHCP/DNS is on the WG, works perfect.
Ideas? Only thing I could think of is the Gateway setting on the bridge...
Strange ping response while connected to VPN
Using watchguard SSL VPN client. Utilizing ldap for authentication.
So everything gets connected. If I ping my primary DC by IP I get a response back. I can RDP via IP from my workstation.
If I ping by DNS I get a response back from what appears to be google after I ran my trace route. 35.X.X.X.
Now I have noticed that ping returns the same IP when pinging anything by name.. For example if I ping cheese I get a response back from 35.x.x.x. same with any server etc.
DNS Server is set up appropriately in the watchguard for the mobile VPN with ssl.
Has anyone seen anything like this? I have checked the routes etc and I don't see anything that looks fishy.
If there are any questions shoot them my way and I can test and follow up.
WatchGuard XTMv
Has anyone used the XTMv device? Is it any good?
At the moment we have a T70 which is fine, but it has been identified as one of the points of failure on our network.
The XTMv looks like something that could be used temporarily, seems to run fine on an old Windows 10 Hyper-V config, but could easily be moved to our 2016 Hyper-V server.
If we wanted just the very basic of features - i.e. get users back on the internet - do we need to buy an additional license for the XTMv?
Watchguard VLAN Wireless
Hello
I have setup a layer 3 switch with a trunk into interface 1 of the Watch Guard Firewall M400. (trk13)
On the Switch and the WatchGuard I have setup a WG_GATEWAY VLAN 170, WG_WAPS VLAN 190, and SVR11_BRVLAN VLAN 11.
I have tagged the trnk 13 in the VLANS as per config below and I have setup a Windows Server with a DHCP service on the subnet of VLAN11.
I have plugged in the WatchGuard wireless access point into port 5 of the switch, WatchGuard int 1 into port 13 of the switch and the Windows server into port 21 of the switch.
After setting up a DHCP scope to match the VLAN subnets I can now connect to the wireless access point and get an IP address.
However I can't seem to ping the WatchGuard gateway address from the Windows Server. I can ping the VLAN IP of 10.170.1.254 but not the 10.170.1.1 address of the WatchGuard? I also can't ping...
Watchguard Fireware Upgrade
I am getting ready to update our xtm515 from fireware version 11.9 to 12.1.
As part of getting ready for the upgrade I have run the status report and noticed the following at the top:
Version : 11.9.B448467
sysb : 11.6.5B364214
Serial #: *************
Model : XTM515
CPU cores: 2
I know I need to be on 11.9 or higher to do the upgrade so I'm a little concerned about the sysb version shown above. I updated from Fireware version 11.6 to 11.9 a few years ago; did I miss a step?
Do I need to upgrade this before going to fireware 12? If so how do I do that?
Many thanks
Matt
Can't ping directly from Watchguard over VPN
We have a working VPN in place. We can access both networks completely.
But when I try to set up an Active Directory Authentication server that is on the other network, it doesn't connect. When I try a diagnostics and ping the domain controller on the other side of the VPN I also get no response...
Can someone explain to me why I can access the domain controller on the other side of the VPN from a workstation, but not when I try to reach it directly from the WatchGuard firewall? It looks like the WatchGuard doesn't understand that that subnet must be reached through the VPN tunnel.
Do I need to add an extra rule for it or something?
Thanks!
Is the T30's POE port 802.3af-compliant?
I'd like to connect a UniFi Cloud Key to the POE port on my T30. Can anyone confirm that the port is 802.3af-compliant?
Thank you!
Jeffrey Pike, Groton Public Library
WatchGuard SSL VPN & Traffic
Our users are using the WatchGuard Mobile SSL VPN to connect to our servers in the office, but when they do this it means all internet traffic is redirected via the office.
Is it possible to configure the WatchGuard Mobile SSL VPN to only redirect the necessary office traffic to the office and the rest of the traffic out to the internet?
Maybe we should be doing the VPN link using a different technology or using a total different connection method.
WatchGuard VPN & CloudFlare
Just wondering if anyone has had any dealing with setting up CloudFlare through a Mobile SSL VPN.
We list the IPs that are to be redirected via the VPN; is it just a case of adding all of the CloudFlare IP ranges to make a connection?
Watchguard Web UI not accepting Password
I am trying to access the web UI on our Watchguard XTM 515 running fireware 11.9.
I can access the log on page through https://x.x.x.x but it won't let me log on.
I have tried the status and admin accounts (with domain set to firebox-DB) and both say Authentication Failure (the same credentials log me in fine to Policy Manager).
If I log in with my VPN credentials then I just get a message saying that I'm authenticated.
Do I need to do something in Policy Manager to "turn on" access to the Web UI?
Thanks
Matt
How do i allow TP Link router on a different subnet to connect to Mail Server
On our network, we have an Exchange server connected to a watchguard firebox.
Server does DHCP with the firebox as the Default Gateway. The problem is, I configured a TP Link TL-WR840N on a different subnet with the WAN IP in the same subnet as the server but users connected to the TP Link router which is located in the same office can't access their emails but LAN connections work fine.
Also tried OWA on WiFi but that too did not work.
One more thing, internet works alright when connected to this same router.
Thanks in advance for any help.
Regards
watchguard vpn won't connect on one network but connects on other networks.
I am trying to connect to a remote VPN server. When I try to connect from my university network, it doesn't connect. But when I create a hotspot on my cell phone and try to connect, it connects. Where am I getting the problem? It is the university network, I guess.