Options

Cannot login WSM

RickSRickS
in Firebox - Management Software

I cannot login with WSM. I am able to login using the GUI. I looked at the Watchguard Policy and it has not been changed and is still enabled. The ports allowed are 4105, 4117, 4118. From Any-trusted (added my IP) To Firebox. The only thing changed is adding my IP address. When I try to login to WSM, the error is WSM was unable to connect - Access denied by Firebox - invalid credentials. I used the GUI to add a new user and also changed the password for Status, so I know I am using valid credentials. Would really like to use WSM, in addition to the GUI.

Comments

  • Options
    Bruce_BriggsBruce_Briggs

    Did you add the new user in the Web UI -> System -> Users and Roles, and select Role = Device Administrator?

    And you do need to log in to WSM Policy Manager using the Status password

  • Options
    RickSRickS

    I have 3 users that are in the Users and Roles - Admin, Status, and myself. Admin and myself are Administrators. I cannot login to WSM using any of them. All 3 get the same error. The error occurs when I start WSM and try to connect to the device. I put in the IP address of the device, the user and password. Authentication server is Firebox-DB. I even tried Active Directory with our domain. It seems like it has something to do with the Watchguard policy, but nothing changed with that.

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @RickS

    Try logging into the WebUI (use the status user, because multiple status users can be logged in) and go to dashboard -> traffic monitor.

    Once that's displaying and you see the logs scrolling, try logging in via the WSM app. Go to file -> Connect to device, and try logging in.

    Do you see any errors pop up in the traffic monitor page of the WebUI?

    Thank you,

    -James Carson
    WatchGuard Customer Support

  • Options
    RickSRickS

    Thanks for the replies. I uninstalled WSM and installed the latest from Watchguard. After that it started working. Not sure if that fixed it, but I am now able to login using WSM,

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    If you were running an older version of WSM, at some point (around 12.1 IIRC) we updated some of the ciphers used to do this. The latest version should be backwards compatible with older versions, so you should be set.

    -James Carson
    WatchGuard Customer Support

  • Options
    greggmh123greggmh123
    edited November 2020

    @James_Carson said:
    If you were running an older version of WSM, at some point (around 12.1 IIRC) we updated some of the ciphers used to do this. The latest version should be backwards compatible with older versions, so you should be set.

    The last time I tried to use the current version (whatever that was on June 9, 2020), it could not manage an XTM 25 running 11.7.4 so I I had to install that version on a VM. I am in California and this client is in Florida. He has no current devices so I have to keep the old WSM version on hand. I think I posted about it here somewhere. WSM is not always backward compatible...especially if you go back far enough.

    Gregg Hill

  • Options
    Bruce_BriggsBruce_Briggs

    Agreed.
    At some time long ago, the current WSM version at that time could no longer manage V7.x versions, even though the docs said that it could.

Sign In to comment.