Options

Advisory WGSA-2024-00015

Brian_SSPCBrian_SSPC
in Firebox - Authentication

This advisory keeps coming up in our security scan from Qualys. The verbiage in the article is very confusing. Do I create a firewall rule on each client blocking port 4114 from all devices other than the Authentication Gateway machines? Or do I block all devices but internal devices from port 4114 on the authentication gateway machines?

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2024-00015

Comments

  • Bruce_BriggsBruce_Briggs

    Here is how I interpret the WG advisory:
    . on all Windows devices which have the Single Sign-On Agent installed, set up a Windows firewall rule blocking all incoming access to TCP port 4114 except from your WG firewall.

  • Brian_SSPCBrian_SSPC

    OK, so NOT from the authentication gateway machines? I had set up a workstation firewall rule to limit it to the 2 authentication gateway machines (2 DCs). I'll try it with the firewall and see what it breaks. :) Thank you for your input.

  • Bruce_BriggsBruce_Briggs

    From the advisory:
    "only allow connections from the Firebox."

Sign In to comment.