Hello all,
I recently upgraded my firebox X750e to an XTM 515. I have subscription to the Spamblocker and have made sure that the SMTP policy settings are set to drop confirmed spam and bulk. However it seems that there is more spam coming through now then before. Any suggestions?
I'm trying to reduce some log traffic. Multi-WAN pings are continuous and quickly use up the minimal FB log memory. I've tried to non-logged create a policy to catch these, but they're always matched by "Any from Firebox-00". This policy isn't in the list, and I've not yet figured out how to create a policy that can override it. What can I do?
We have watchguard firewall XTM525, I want to block facebook on it. As you know that facebook is also on HTTPs, so I created two proxies one HTTP and one HTTPs and create proxy action for both and block facebook, which works fine. Now, the issue is some websites on HTTPs (banking website) start having issue, worse part is web browser doesn't show any error message from firewall browser it simply doesn't show any page just white screen. When I disable HTTPs proxy it seem to be ok, it's nightmare. Can any one please suggest any way so that I create proxies or any other feature on firewall which only block website I want and doesn't interfere with any other websites. We have Watchgurad support but unfortunately they are not helping at all and online knowledge base doesn't help either.
Thank you so mcuh
Currently we have many BOVPN's at remote sites that connect to us via the Internet, now for a new site we are getting an 100MB LAN extension but I can't get my head around the config. I'm sure it's possible, but can't find any documentation on Watchguard site or Google/Spiceworks.
Current config
HQ - XTM810
Int0 - External to Internet and BOVPNS
Int1 - Trusted Inside Network (Our main network)
Int4 - Interface I want to plug HQ end of the LAN extension into
Remote Site - XTM33
Int0 - Interface I want to plug Remote end of the LAN extension into
Int1 - Interface that will plug into the switch to service Remote Office Computers
Outcome Wanted
Thanks in advance, looking forward to learning this!
I still have two x550e with XTM 11.7.3 running and think about a replace of these boxes with the latest XTM 5 series.
Is it possible to transfer the settings including firebox users, MUVPN, BOVPN etc of the old box to the new one? And how can do this?
Thanks in andvance
Michael
Hello Everyone!
I've been trying to figure out how to set up the Active Directory portion of the authentication servers section. I was hoping that several vpn users would be able to log in with their AD account but I haven't been able to figure out how to properly do the setup. Here is what I am facing.
I'm trying to fill out the portion under the IP used for the server.
I have a group set up in AD as RDGroup which is in the XGroups OU which is then under X. This is what I have tried in that field with no luck.
cn=RDGroup,out=XGroups,ou=X,dc=X,dc=local
As per the searching user I am using the administrator account. I don't know if this needs to be set in a similar format to what is above.
I have also left the login attribute as sAMAccountName. But for troubleshooting I tried cn, Display Name, and Name.
Hopefully someone has the answers out there! Thanks for your advise in advance.
I understand there is a device (Broadband Extend Wireless Bridge) we can connect to our Firebox along with a 4G stick from our cellular provider to create a second internet connection that could be used for failover if someone digs in the wrong spot and cuts our fiber. Can anyone point me to information about install/config for this, as I can't get any response from my local reseller on it.
Hi,
Model: WatchGuard XTM 21
Policy Manager Release 11.5.1-B331288
Fireware XTM v11.4.0
We have a problem saving a configuration upon finishing up with Policy Manager to Firebox with the following error after entering passphrase:
INTERNAL_ERROR: Element 'no-send-ip': This element is not expected. Expected is one of (Unique, auth-retry, auth-timeout, force-timeout, serv.)
Anyone come across this and how to fix this?
Thanks,
Ariel
I'm behind one of our XTM-505 boxes, and I'm trying to connect to others in our organization via IPSec VPN (I'm using Shrew). I think my predecessor configured this box in a hurry, and maybe left something out.
Changes I've made so far (which haven't helped)
-Went to VPN->Global Settings->Enabled IPSec Pass-through (which auto-added "WatchGuard IPSec Policy" in firewall policies)
-Added WatchGuard policy (packet filter) for IPSec from Any-Trusted to Any-External (and ensured Dynamic NAT was enabled, which was on by default)
I'm still getting a connection time-out when I attempt to go from inside this building to any of our other firewalls. I went to WatchGuard System Manager, opened up Logging, and searched by my system's local IP address but I'm not seeing any denied traffic.
Is there anything I'm missing? Note: I can VPN from the outside into this firewall no problem.
Right now the WebBlocker service (WebSense) is unavailable. This happens from time to time. I wonder if there is something they can do to avoid interruptions during work hours and set their maintenance time after 6:00pm at least. Thankfully I was in the office at the time this happened and thankfully we still have WebBlocker Server with SurfControl installed locally so I just switched all the policies to use a different WebBlocker action. But if I was on vacation or on the business trip or attending conference - that would make serious impact on our business. Even though in Advanced settings I set "Allow the user to view the web site" in case if the server can't be reached in 5 seconds, it doesn't work, it just shows the error message. Moreover, I don't like the idea to let the user surf the web when WebBlocker is not available, thus expose the whole company network to different types of threats. So I have two choices - hope that WatchGuard takes this seriously to avoid service interruptions, or I will have to take my business somewhere else, because these interruptions are not acceptable. Anyone else have these problems?
I'm hoping I'm wrong, but it looks like there's no way to bridge a WIFI interface with a VLAN. On the "Wireless Access Point Configuration" window, "Enable wireless bridge to Trusted or Optional interface" doesn't list my VLAN interface. Is there a way to do this?
Today I've started experiencing issues with my watchguard XTM 515 issuing IP addresses to devices from the Watchguard DHCP.
Scenario is: We have a second subnet on our network which I use for mobile devices and guest/visitor laptops to use WIFI. We call this simply "Visitors WIFI". This has no route onto our existing LAN and just keeps the connections separate but running off the same internet connection via our WG XTM.
At the time of creating this, for simplistic reasons, I decided not to use our normal DHCP servers and just use our Watchguard Firewall's DHCP for requests onto the "Visitors WIFI".
This has been working fine for the past 2 years but suddenly today it has decided to have a hissy fit and not work.. At first I thought the DHCP pool could be full, turns out it's not. I decided to release all the IP addresses anyway, which didn't do anything.
When I connect to the WIFI i'm getting a request but it just seems to drop it instantly. Here's a log of 2 devices trying to connect.
2014-04-04 09:00:21 dhcpd DHCPDISCOVER from 54:79:75:3e:b7:94 (Windows-Phone) via eth5 id="1600-0066" Event
2014-04-04 09:00:22 dhcpd DHCPOFFER on 172.16.0.52 to 54:79:75:3e:b7:94 (Windows-Phone) via eth5 id="1600-0065" Event
2014-04-04 09:00:26 dhcpd DHCPDISCOVER from 54:79:75:3e:b7:94 (Windows-Phone) via eth5 id="1600-0066" Event
2014-04-04 09:00:26 dhcpd DHCPOFFER on 172.16.0.52 to 54:79:75:3e:b7:94 (Windows-Phone) via eth5 id="1600-0065" Event
2014-04-04 09:00:27 dhcpd DHCPDISCOVER from 48:9d:24:74:d7:92 (BLACKBERRY-486B) via eth5 id="1600-0066" Event
2014-04-04 09:00:28 dhcpd DHCPOFFER on 172.16.0.53 to 48:9d:24:74:d7:92 (BLACKBERRY-486B) via eth5 id="1600-0065" Event
2014-04-04 09:00:30 dhcpd DHCPDISCOVER from 54:79:75:3e:b7:94 (Windows-Phone) via eth5 id="1600-0066" Event
2014-04-04 09:00:30 dhcpd DHCPOFFER on 172.16.0.52 to 54:79:75:3e:b7:94 (Windows-Phone) via eth5 id="1600-0065" Event
2014-04-04 09:00:30 dhcpd DHCPDISCOVER from 48:9d:24:74:d7:92 (BLACKBERRY-486B) via eth5 id="1600-0066" Event
2014-04-04 09:00:30 dhcpd DHCPOFFER on 172.16.0.53 to 48:9d:24:74:d7:92 (BLACKBERRY-486B) via eth5 id="1600-0065" Event
2014-04-04 09:00:33 dhcpd DHCPDISCOVER from 48:9d:24:74:d7:92 (BLACKBERRY-486B) via eth5 id="1600-0066" Event
2014-04-04 09:00:33 dhcpd DHCPOFFER on 172.16.0.53 to 48:9d:24:74:d7:92 (BLACKBERRY-486B) via eth5 id="1600-0065" Event
Any idea's on what's going wrong here?
We have a X55eW that i have setup, but some of our desk phone on the new subnet will not register via SIP, everything else is working fine, but I would really like to figure out how to disable the firewall on the firebox, we are sitting behind a firewall at the ISP handoff, so no concern to have two firewalls up.
Any suggestions?
Thanks
I want to play a video from a specific site (http://www.alphatv.gr/shows/entertainment/eleni/webtv/nak-shoes-4) and i receive an error: "Error Loading Stream-Could not connect to server".
Generally, i can play videos from many sites such as Youtube, Vimeo, Mega -Star Channel (local web- tv channel) and i do not have any problem with videos.
I have a Watchgurd XTM330 and i receive this error when monitoring the traffic the time that i want to play the video.
msg=ProxyDeny: HTTP Invalid Request-Line Format.
I cannot understand what actually means and what to configure.
Thanks.
I have an XTM520 connected via Cat 5 to an AP200. Two laptops each connected to the AP200 via (2) different SSIDs, and a wireless printer connected to a third SSID.
The laptops cannot see the printer. I have tried two different rules TCP 0, and Any. No Success.
Please see the attached explanation and diagram. Been looking at this and changing parameters for more than 4 hours. Any ideas would be quite helpful.
I've research and found several topics related but didn't seem to work. Any help you guys can provide would be greatly appreciated.
Here's my home setup.
ISP: Comcast basic ISP (dynamic ip)
ISP Modem: Motorola Surfboard SB6141
Owned: Linksys Wifi Router N300 192.168.1.1 (set up as DCHP giving out range .10-254)
Newly purchased from garage sale to be add to network: Watchguard XTM 25 10.0.1.1
1. modem (only ethernet) goes to linksys wifi router (internet port)
2. linksys wifi router (port 1) goes to watchguard (port 1)
3. linksys wifi router (port 2) goes to jack in living room
4. linksys wifi router (port 3) goes to bedroom
5. linksys wifi router (port 4) goes to printer
Everything works fine but as soon as I plug in the Watchguard nothing works. I'm 100% positive the issue is the watchguard. Some of the topics I read talks bout turning off DHCP on the router and some talks about configure the watchgaurd with an external IP(trusted).
I'm not exactly sure where to begin. I've reset the watchguard back to factory default and configured it through web browser. I would like to have the linksys only do wifi whereas the watchguard do the DCHP and policies.
Do I need the Watchguard, prob not, but i thought it would be something good to have since I got it for a pretty good deal at a garage sale.
Where do I need to do the configuring?
Thank you
Hi All,
I want allow following website address
http://dgftebrc.nic.in:8100/DGFTeBRC/brcIssuedTrade_input.jsp when i open direct connect i able to open above website, unable open though watchuard i thing some port problem in that website there is 8100 port number is there
I have four (soon to be five) Watchguard firewalls. We have full subscriptions on all of them. We are using WeBlocker via the Websense Cloud on all of them.
Over time, my predecessor did not really do a good job of keeping WeBlocker consistent across our units. Not a huge deal for the category filtering (which I can change) but I am trying to stay consistent on the rest. There are redundancies, and items not described well (especially now that the 11.8.x version allows better description fields).
Is it possible to export a WeBlocker filter from one WatchGuard and import it into others? I'd like to clean up one of our firewalls, and then bring those WeBlocker policies to the others. This would ensure the consistency I need.
Note: We do not have a WatchGuard Dimension setup at this time. All of our firewalls would be considered individual branch office units, and it will be some time before I can look into Dimension due to other responsibilities.
Currently customer is having XTM Core 750e series WathcGuard firewall which us connected to other firewalls using BOVPN tunnels, currently we are having some issues and i need to upgrade the firmware for the Hub firewall, if i upgrade the firmware only at the HUB site will it affect the BOVPN tunnels connected to spoke firewalls, or i need to upgared the firmware at the Spoke sites also, also will the tunnels will be connected automatically after firmware upgrade or i have to manually configure some settings.please advise.
Thanks,
Hi guys,
My problem is that I don’t see any live stereaming on my WatchGuard XTM-26 (11.8.B432340).
I mention that I have no active subscription on it.
The mesage is: Error loading stream: could not connect to server.
Can you help me, please?
Thanks!
