Comments
-
That page would only be accessible if the SSLVPN policy is enabled, which is only created/enabled if SSLVPN is turned on. Are you using the SSLVPN?
-
This would be a very helpful report. Check out the feature enhancements and create one if one doesn't already exist. https://community.watchguard.com/watchguard-community/categories/firebox-product-enhancements
-
Are you looking for the SIP traffic or the RTP stream packets? You will probably need to start an actual packet capture vs. using the logging.
-
I would add that if you have domain controllers (and firewalls) in both sites, you should have an SSO Agent in each site that uses its local DC.
-
Per WG Cloud, my memory usage is also @ 99%
-
It sounds like all the displays are in agreement. Looking up my M400 stats now....
-
I have DNSWatch enabled on all three of our Fireboxes. No issues with our DFS infrastructure.
-
Hi Ricardo. If I can jump in, I would say that the alerts for this specific occurrence are not helpful. It seems to be borderline false positive and so the alerts are nothing more than spam....
-
What Bruce said. WatchGuard Cloud is a separate item/solution to TDR, APT Blocker, Dimension, etc. It's not needed for any of those things.
-
When I click that link, the SplashtopSOS.exe file downloads. Have you confirmed that .exe's are NOT blocked in your HTTP Proxy?
-
I haven't played with WG's Wifi but I'm guessing you won't be able to directly do this. You're going to need to implement SSO and base the Webblocker Profile on a User Group OR have each SSID on its own network and base the webblocker profile on the network.
-
WatchGuard Cloud is NOT going to run your Access Portal. The WatchGuard Cloud is an alternative solution to Dimension (for Reporting and Logging).
-
Regarding the VPN (any type) and the Access Portal, it does seem that the Access Portal MAY be able to replace the need for a VPN. It's really going to depend on the Information Resources that the VPN is providing connectivity to (as the Access Portal OR Reverse Proxy will need to take on that capability).
-
I'm not sure about IKEv2, but with Mobile VPN/SSL you need to specify the DNS server(s) for the connection.
-
I'm not aware of this ability but it would certainly be appreciated! You can use an IP Whitelist as an additional factor, however.
-
I believe you have to delete the old action and create a new one.
-
For your second cluster/second device, try triggering a failover so the missing device starts sending the logs. That may get it to show up.
-
Neal, yes, I have several HTTP/HTTPS Proxies set up to control all HTTP/HTTPS traffic. Bruce hits on all the main problems. The only other problems that come to mind are when a URL is too long or if your box is sized too small and you are Proxying/inspecting (DPI) lots. With an M300, you shouldn't have any performance issues.
-
@Ricardo_Arroyo, these files are marked as Threat Feed: MATCHED (Source: WatchGuard)
-
@James_Carson, what are the chances that the WatchGuard Threat Feed for these temp files is updated? After all, this is a False Positive it appears.
-
If you are coming from firmware before 12.3, watch out for the new SD-WAN policies. Read up on the release notes and review your configuration after the upgrade.
-
The website leverages a specific dns/hostname and additional IP separate from the SSLVPN IP.
-
Thanks @James_Carson. So with both SSLVPN and the Access Portal using 443, is it possible to access an internal website via 443 from outside (assuming NAT is used)?
-
I have DNSWatch enabled so moving SSLVPN to UDP port 53 won't work. I also have users who frequently use other organizations' networks and moving to a port other than 443 sounds like it's going to cause issues. Guess I'll look into moving away from SSLVPN to IKEv2...
-
I also have outbound DNS traffic limited to specific IPs so I'm wondering how much additional value/benefit there is in Proxy over Packet policies. Or really in this case, how much security is lost moving from Proxy to Packet filtering...
-
Gregg, that's my current reason for leveraging DNS-Proxy; however, 2x of my T35's are experiencing performance issues because of it and WG Support recommended switching over to the DNS Packet rule.
-
I'd watch the outbound traffic logs....
-
No, per WG Tech Document, you are supposed to create a TDR rule.
-
Did you create the appropriate firewall policies? Also, make sure Geolocation isn't blocking anything....
-
John, what's the lowest Firebox that supports the Next-Gen/Intelligent AV capability?