Dimension Connection error on Firebox Verification of SSL Certificate Failed

Firebox T80 12.7.2 U1
Dimension 2.2 OFV Template running VMware Workstation Player, on the same subnet.
Fresh Install of the Dimension software and configure. when we alter the Firebox to log to the Dimension it shows me a Verification of SSL Certificate Failed.
Is their anyway I can find out what is causing this Certificate Failure?

Comments

  • Exactly where are you seeing the cert error?

    I set up Dimension 2.2 on VMware Workstation 15 within the last month and I don't recall such an issue.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Clarke
    The certificate will be self-signed and have no DNS name in the subject, so no modern browser will ever not show a cert error on it. The only way around that is to install your own cert (properly self-signed or otherwise.)

    Also worth noting: We don't support Dimension on VMWare player. The VMWare hypervisor itself is free under most circumstances -- if you intend on using this for production use I'd suggest looking into that or the HyperV Server role on an existing Windows server.

    -James Carson
    WatchGuard Customer Support

  • Hi Bruce.
    It is showing on the Firebox Dashboard Front Panel far right hand column under Servers, Log Server. If Network is unavailable then it shows network unavailable. Normally it shows the logging IP address, like it does on several other Firebox's I have. But this one shows SSL error.

  • Hi James.
    There error is NOT in the Browser, ie it is not a traditional SSL error to click advanced to add the exception, but it is in the Firebox Dashboard Front Panel far right hand column under Servers, Log Server.

  • I've never seen this one before, after many installs of Dimension.
    Anything intercepting the packets between the firewall and the Dimension server and potentially modifying them ?
    Time for a support incident

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Clarke
    I haven't seen this one either. I suspect the firewall is spitting out whatever response it's getting (perhaps something else is replying.)
    If you haven't already done so, I'd suggest a support case so we can dig into the details and see what's happening.

    -James Carson
    WatchGuard Customer Support

  • Perhaps a 2nd device has the same IP addr as the Dimension server???

  • All sorted now.
    First issue was our AV product was blocking access to the bridged Network adapter on port 4115. I added a rule to allow all traffic on that port.
    It was at this stage that we received the SSL error.
    I went back to the device 2 days later and it was displaying the log server on the Dashboard screen, and it was logging as expected to the Dimension system.
    Thanks for your input and help.

Sign In to comment.