Cannot login WSM

I cannot login with WSM. I am able to login using the GUI. I looked at the Watchguard Policy and it has not been changed and is still enabled. The ports allowed are 4105, 4117, 4118. From Any-trusted (added my IP) To Firebox. The only thing changed is adding my IP address. When I try to login to WSM, the error is WSM was unable to connect - Access denied by Firebox - invalid credentials. I used the GUI to add a new user and also changed the password for Status, so I know I am using valid credentials. Would really like to use WSM, in addition to the GUI.

Comments

  • Did you add the new user in the Web UI -> System -> Users and Roles, and select Role = Device Administrator?

    And you do need to log in to WSM Policy Manager using the Status password

  • I have 3 users that are in the Users and Roles - Admin, Status, and myself. Admin and myself are Administrators. I cannot login to WSM using any of them. All 3 get the same error. The error occurs when I start WSM and try to connect to the device. I put in the IP address of the device, the user and password. Authentication server is Firebox-DB. I even tried Active Directory with our domain. It seems like it has something to do with the Watchguard policy, but nothing changed with that.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @RickS

    Try logging into the WebUI (use the status user, because multiple status users can be logged in) and go to dashboard -> traffic monitor.

    Once that's displaying and you see the logs scrolling, try logging in via the WSM app. Go to file -> Connect to device, and try logging in.

    Do you see any errors pop up in the traffic monitor page of the WebUI?

    Thank you,

    -James Carson
    WatchGuard Customer Support

  • Thanks for the replies. I uninstalled WSM and installed the latest from Watchguard. After that it started working. Not sure if that fixed it, but I am now able to login using WSM,

  • james.carsonjames.carson Moderator, WatchGuard Representative

    If you were running an older version of WSM, at some point (around 12.1 IIRC) we updated some of the ciphers used to do this. The latest version should be backwards compatible with older versions, so you should be set.

    -James Carson
    WatchGuard Customer Support

  • edited November 2020

    @James_Carson said:
    If you were running an older version of WSM, at some point (around 12.1 IIRC) we updated some of the ciphers used to do this. The latest version should be backwards compatible with older versions, so you should be set.

    The last time I tried to use the current version (whatever that was on June 9, 2020), it could not manage an XTM 25 running 11.7.4 so I I had to install that version on a VM. I am in California and this client is in Florida. He has no current devices so I have to keep the old WSM version on hand. I think I posted about it here somewhere. WSM is not always backward compatible...especially if you go back far enough.

    Gregg Hill

  • Agreed.
    At some time long ago, the current WSM version at that time could no longer manage V7.x versions, even though the docs said that it could.

Sign In to comment.