Advisory WGSA-2024-00015
This advisory keeps coming up in our security scan from Qualys. The verbiage in the article is very confusing. Do I create a firewall rule on each client blocking port 4114 from all devices other than the Authentication Gateway machines? Or do I block all devices but internal devices from port 4114 on the authentication gateway machines?
https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00015
Comments
Here is how I interpret the WG advisory:
- On all Windows devices which have the Single Sign-On Agent installed, set up a Windows firewall rule blocking all incoming access to TCP port 4114 except from your WG firewall.
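One way to build the rule described in the comment above with Windows Defender Firewall, as an added example that is not part of the thread or of the WatchGuard advisory. The Firebox address `192.0.2.1` is a placeholder and the rule name is made up for illustration; run it from an elevated PowerShell session on a machine that has the SSO Agent installed.

```powershell
# Added example. Assumptions: $FireboxIp is a placeholder (documentation address),
# $RuleName is a made-up display name.
$FireboxIp = '192.0.2.1'
$Port      = '4114'
$RuleName  = 'SSO Agent TCP 4114 - Firebox only'

# Windows Firewall applies block rules before allow rules, so a blanket
# "block 4114" rule would also cut off the Firebox. The restriction is built
# from the default-deny inbound policy plus one allow rule scoped to the Firebox.
# Expect DefaultInboundAction to be Block (NotConfigured also defaults to Block).
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction

# Enabled inbound allow rules in the local store that name TCP 4114 explicitly.
# Rules scoped only by program path, rules with LocalPort "Any", and rules
# delivered by Group Policy are not matched here; review those separately.
$portRules = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object {
        $pf = $_ | Get-NetFirewallPortFilter
        $pf.Protocol -eq 'TCP' -and @($pf.LocalPort) -contains $Port
    }

foreach ($rule in $portRules) {
    $remote = @(($rule | Get-NetFirewallAddressFilter).RemoteAddress) -join ','
    Write-Output ("{0}: RemoteAddress = {1}" -f $rule.DisplayName, $remote)

    # Narrow any rule that admits more than the Firebox (for example "Any"
    # or a list that includes other hosts).
    if ($remote -ne $FireboxIp) {
        Set-NetFirewallRule -Name $rule.Name -RemoteAddress $FireboxIp
        Write-Output ("  narrowed to {0}" -f $FireboxIp)
    }
}

# If no explicit rule existed, create the scoped allow rule.
if (-not $portRules -and
    -not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort $Port -RemoteAddress $FireboxIp | Out-Null
    Write-Output ("created '{0}'" -f $RuleName)
}
```

To check the result, run `Test-NetConnection -ComputerName <agent-host> -Port 4114` from a machine other than the Firebox; `TcpTestSucceeded` should be `False`.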
OK, so NOT from the authentication gateway machines? I had set up a workstation firewall rule to limit it to the 2 authentication gateway machines (2 DCs). I'll try it with the firewall and see what it breaks.
Thank you for your input.
From the advisory:
"only allow connections from the Firebox."