WG_Auth Default Policy adds Any-External automatically - Why?
Hello,
on our RuleSet the "Watchguard Authentication" Policy with 4100 ist added automatically. This is by design. (Any_Trusted and Any_Optional)
But it adds the "Any_External"- Alias too!
When we delete this Entry in the Policy it is added again, after saving the The Configuration.
For now we created a Deny Policy for WG_Auth with Any_External in the From-Field. Above the Auto-Policy which works as a workaround.
The Question:
Which Setting, or Policy triggers the automatism to add the "Any_External"-Alias in the From-Field?
Our Firewall is a Gateway-Firewall for the WSM. No AccessPortal is used. SSLVPN-Logon-WebPage is disabled using the CLI.
Thanks for your help.
0
Sign In to comment.
Comments
I am not seeing this on my firewall, running V12.10.4 U1, and any prior versions.
My WatchGuard Authentication does not have Any-external in the From: field, and hasn't had it re-added ever that I have noticed.
I primarily use WSM Policy Manager.
Consider opening a support case on this.
Depending on what version you're running, Any-External may be included. I'd need more information about your firewall (like model, what version it's running, and when the original policy was created) to say for sure that's why you're seeing this.
The policy should allow you to remove any-external from it (potentially with a warning that it is an automatically generated policy, which you can dismiss.)
-James Carson
WatchGuard Customer Support