I've followed this guide here and confident I've configured everything correctly - https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/General/azure-saml_ssl-vpn.html?tocpath=Self-Help Tools|Integration Guides|General|_____1 I downloaded the latest version of the Mobile VPN software which…
By seamless, I mean can SSO with Entra ID be set up to work similarly to the way SSO worked with Active Directory? With on-prem AD, you could install the SSO Client on devices and the SSO Agent on an AD server. Once configured, end uses were not required to do anything different, like connecting to a portal, to access…
Model FireboxV-MED Version 12.11.6.B728370 Hi everyone, With Windows Server 2025 activating LDAP Signing and Binding as default, I wanted to check if and how we can activate this on my WatchGuard authentication before we start incorporating any 2025 domain controllers. We are currently using AD for my Mobile SSL VPN users.…
Hello WatchGuard Community, I am trying to allow an external VDI machine (Azure-hosted, static public IP) to access the WatchGuard Authentication Portal on port 4100. Despite having the correct configuration in place, the connection is timing out and the portal is unreachable from the external network. Here is what I have…
hello, i have set up two radius domains for sslvpn i can login with both domain1.com is default domain2.com\username also works for ikev2 the firebox is always adding the default domain @domain1.com , like domain2.com\username@domain1.com , which fails of course
We're testing the SSO Client on a device that's only Azure AD Joined. The user is signed in to windows with their Azure AD credentials. We use AD Connect to sync Azure AD Users to on premises AD. This scenario seems to work but doesn't seem to be documented. Will we run into any issues doing this? We would rather have the…
I am trying to configure the Mobile VPN with SSL to restrict network access by group membership. Specifically, users in SG_Contractors should have limited access while SG_Internal should have full access to network resources. This was possible and was configured with AD authentication and is documented in this video. I…
Hi all, Model M270 Version 12.11.4.B722644 I am looking at setting up SAML authentication on one of our firewalls, as a test for a wider adoption. I have followed all the steps in this process: https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/General/azure-saml_ssl-vpn.html Everything looks…
This advisory keeps coming up in our security scan from Qualys. The verbiage in the article is very confusing. Do I create a firewall rule on each client blocking port 4114 from all devices other than the Authentication Gateway machines? Or do I block all devices but internal devices from port 4114 on the authentication…
Some months ago we upgraded the Watchguard Authentication Gateway to 12.7.2 and then 12.10. We also removed the service user from "Domain Admin" groups, but we gave him permission to access event logs of PCs as described in the guides. SSO Agent is configured to use only Event Log Monitor, and is installed on the primary…
It looks like you're new here. Sign in or register to get started.