Best Of
fireware 12.11.4 upgrade
Hallo,
I have tried to upgrade our firebox cluster (M690) from 12.11.3 to 12.11.4. But upgrade failed. Does anyonenhave the same issue.
Thanks a lot
Regards,
Chen
Re: External Dynamic Lists for Rules
@PhilT_VIT not looking to block TOR specifically but rather use external lists. For example, our MDR provider provides an ip list of ever-changing threats and we currently plug into our pfsense firewalls. The list is queried on an interval to stay up to date.
MacOS VPN client for SAML/SSO in V12.11?
Since the release of Fireware v12.11, I have been wondering when we will get a MacOS VPN client that's compatible with SAML/SSO? Watchguard development and support are really behind for MacOS.
FSITOps
Re: MacOS VPN client for SAML/SSO in V12.11?
Hi @FSITOps
There's an existing feature request for this -- it is FBX-27237. I don't have an ETA as to when this might be available, but it is being worked and should be available soon.
Re: MacOS VPN client for SAML/SSO in V12.11?
Any update on this? We have quite a few Mac devices in our network that we want to get the SAML auth deployed to.
robertm
Re: MacOS VPN client for SAML/SSO in V12.11?
Hi @robertm
The Client is still being worked on. If you'd like to follow the request, consider opening a support case and mentioning FBX-27237 in the case -- the technician assigned the case can set it up to alert you when this is available.
Re: two lans with two wans
Yes, using SD-WAN
Set up a SD-WAN for WAN 1 as primary with WAN 2 as failover.
Do the same for WAN 2.
Make sure that you have a Link Monitor set up for both WANs - with something beyond your firewall interface.
Then apply the SD-WAN action for WAN1 on policies for LAN 1 and apply the SD-WAN action for WAN2 on policies for LAN 2.
About Link Monitor
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/link monitor/link_monitor_about.html
Re: Patch Installation
Hello, @JorgeAcevedo
Yes, the switch off-->switch on at the end of the day-->at the begining of shift will act as a restart for the patching procedure.
So the user can decide not to restart until the end of the shift, and the patching will restart its procedure at the start of the shift.
But bear in mind that the next patch will not take place until the device is restarted. So if there are second, third, and/or fourth patches in the queue and all of them need a restart, this could take four days to finish.
Kind regards,
Re: SNMP issues after upgrading firmware
PRTG Network Monitor 25.2.108.1358 x64 - new version resolved this issue. SNMP traffic can be added fine again.
