Connection to AWS via Firebox XTM-535


One of our software vendors is moving one of our primary applications to Amazon Web Services. They have sent me a config example that I assume they downloaded from AWS, and I have configured the tunnels and can see that they are connected via the WatchGuard System Manager, but I am not sure if my configuration or routing is 100% correct. Even though I have requested some basic tools so I can test the connection to the Amazon VPC (as simple as being able to ping a single address on the AWS VPC range), they keep refusing to allow me to do this (it has gone on for over a month and they refuse to budge; they say it is impossible for me to be able to test it on my own). They only want to test it if they have a remote connection to our network and then turn on the AWS "Instance" so they can test it.

That means that I can only modify or create the WG config then upload but have to wait for them to test it, and since the vendor is EST that can be midnight, or later, my time.

They also say that even though they have clients who use WG firewalls, they themselves don't support them and have offered no assistance with the configuration besides sending me the sample file.

When I ran a test with them last week, they connected to our LAN remotely and the support person simply started running some Ping tests which were unresponsive. She said that the problem must be with the routing. I do agree but find it very frustrating to not be able to independently test this on my own time.

If anyone else has successfully configured a WG XTM535 to connect to AWS, would it be possible to bounce some configuration items out to you on this to verify that I have got everything right?

Any help would be greatly appreciated.

Thank you in advance!


