Trying to ID what is blocking GoToAssist
Just updated my own obsolete WG Fireboxes to new T series with Basic Security Suite. I can now not use GoToAssist to connect OUT to customers but can connect IN to my own system from elsewhere. Can't connect IN to Splashtop Streamer either. I've lost my firewall tech and trying to support this myself. Here is the Traffic Monitor when I try to logon to GoToAssist Website. I believe I found Application Control setttings for both apps.
Sorry to be clueless but can someone direct me to which Subscription is causing these entries in Traffic Monitor for Rescueassist?
2021-04-30 15:55:03 Deny 10.1.6.2 54.69.209.214 RescueAssist 50594 443 Trusted-EX External Application identified 557 128 (HTTPS-proxy-00) proc_id="firewall" rc="101" msg_id="3000-0149" src_ip_nat="47.181.189.32" tcp_info="offset 5 A 59426663 win 5152" app_name="RescueAssist" app_cat_name="Remote access terminals" app_id="47" app_cat_id="11" app_beh_name="Authentication" app_beh_id="1" action="Global" geo_dst="USA" sig_vers="18.145"
Comments
app_cat_name="Remote access terminals", type = "Authentication" looks to the be the setting which is doing the blocking
The policy is: RescueAssist
Did you save your previous configs to your new firewalls?
Thanks for the response. Each firewall was a new config. All four are new T20-W with Basic Security Suite. Replaced 4 XTM25, none of which had 12.x firmware as 2 would not upgrade past 11.9.4.
Each new one had only the basic setup, logged onto Watchguard and had the Subscriptions enabled according to the key so they should all be the same, right? I've done no other setup except to try to add the one addition in Application Control, which didn't help.
I know something is different because one will allow Splashtop Streamer to run and one will not.
I was thinking if I knew it was Application Control that is stopping me running GotoAssist to connect OUT, then I could disable that completely and then I can logon to the other systems and look for problems.
One is at my home office so I can easily start over without affecting a business.
app_cat_name indicates Application Control is the cause.
If desirable, you can copy the config from the old firewall to the new firewall.
Move a Configuration to a New Firebox
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/basicadmin/config_file_use_new_model_wsm.html
Turns out the Application Control for RescueAssist allow the web interface RescueAssist to work but not the GoToAssist Expert program, which is what I use. So this lets me support customers without needing to go to another customer who hasn't updated their Firebox. This takes the pressure off while I learn the new Firebox and new versions of the Subscription Services.
Thanks for your help!