Best Of
Re: WSM Clean Uninstall
I don't have an official list.
(EDIT: Remove WSM normally first!)
I recommend deleting the "C:\Program Files (x86)\WatchGuard\wsm11" and "C:\Program Files (x86)\Common Files\WatchGuard\wsm11" folders, plus the "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\WatchGuard\wsm" registry key. You may want to remove any installed Fireware releases as well and then delete any subfolders under "C:\Program Files (x86)\Common Files\WatchGuard\resources\FirewareXTM", then reboot and reinstall.
Re: DNSWatch certificate when using HTTPS inspection
Hi @Scott5297
In this case, they have a few options.
-If you have notification turned on, emails can be sent to an admin or similar for your network.
-If you're using the firewall itself (which uses the same WebBlocker categories) you can have a deny page via that proxy that the user will be able to see.
Work is being done to better integrate the block pages and profiles in WatchGuard cloud, so at some point in the future they should be easier to manage (as one.)
Re: Cluster Random Failover
might be a stupid question, but what is the MSP job here? It´s only managed one way - upgrades?
Re: Allow SSLVPN-Users Policy - Security Issue?
@Bruce_Briggs said:
Q. Is there a way to change dhcp lease time on the ssl vpn?
What is the issue?
There is no way in XTM to set a max session time for SSLVPN.
Ha, ha, ha. I read "There is no way in XTM to set a max session time for SSLVPN" and laughed, thinking, "Sure there is! Just try using it at Starbucks!"
My IKEv2 VPN is MUCH more stable.
How are you holding up, Bruce?
Gregg
Re: VPN SSL Access access To BOVPN Sites
What is stupid about the tutorial?
It explains that you need to add the SSLVPN subnet to your BOVPN Tunnel setups, which is exactly what is needed.