12.4u2 NAT Issues
Hi,
Is anyone else experiencing NAT issues with 12.4u2?
Since upgrading i've noticed all our external traffic is going out as our external interface address and its completely ignoring the rules.
Its even translating public IP addresses which obviously don't have rules associated with them.
I've raised a call with WG, just thought i'd see if the problem is more widespread.
M4600
12.4u2
--
WatchGuard M4800 (x2 Cluster)
WatchGuard M690 (x2 Cluster)
Firmware : 12.10.4
0
Sign In to comment.
Comments
Do you have multiple external interfaces ?
If so, there are changes with SD-WAN which may be affecting your config.
If you can't figure this out, then consider opening a support incident to get help from WG in resolving this.
Review this post:
problems after upgrade to 12.4
https://community.watchguard.com/watchguard-community/discussion/173/problems-after-upgrade-to-12-4
Hi,
Just one external interface. Don't use any SD-WAN config. Everything was all working just fine up until the upgrade. Translation rules all look good and proxy settings are all in place. I smell a bug... Going to upgrade to 12.4.1 tonight and fingers cross it fixes it.
Already opened a call as per original post, thanks. They've not got back to me in the last 6hrs so they must be thinking about it.
--
WatchGuard M4800 (x2 Cluster)
WatchGuard M690 (x2 Cluster)
Firmware : 12.10.4
I've been seeing random NAT'ing issues since 12.4 (beta) I believe.
Funny you should mention that but i've had a few times when adding a nat rule completely broke it then if you remove and re-add it works.
--
WatchGuard M4800 (x2 Cluster)
WatchGuard M690 (x2 Cluster)
Firmware : 12.10.4
I've now upgraded to 12.4.1 and can confirm this does not fix the issue.
--
WatchGuard M4800 (x2 Cluster)
WatchGuard M690 (x2 Cluster)
Firmware : 12.10.4
There is an open NAT issue that is defined in the following Knowledge Base Article ID - Article ID: 000011920
https://watchguardsupport.secure.force.com/publicKB?type=KBKnownIssues&SFDCID=kA40H000000J55RSAS&lang=en_US
Thanks for that Mark!
That's that issue!
Thanks Mark. WG have now confirmed it is the HTTPS proxy issue
--
WatchGuard M4800 (x2 Cluster)
WatchGuard M690 (x2 Cluster)
Firmware : 12.10.4