Comments
-
Sorry, I can't explain what you're seeing. I quickly tried out the iReasoning MIB Browser, but it looks like the free version only runs v1 and v2, but I'm running SNMP v3 on the M390, so I can't replicate what you're seeing.
-
For a quick test, I tested the following in Zabbix from a M390 using the MIBS OID detail from here: https://watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/basicadmin/snmp_mibs_details_c.html If I enter the OID as shown, it does not work. wgSystemCurrActiveConns 1.3.6.1.4.1.3097.6.3.80; No Such Instance…
-
Sadly Support won't do anything. Even though I cited Article ID:000012429, which states that a Basic Wi-Fi AP will have a expiration of Never, they are replying with "You must have a current valid AP subscription to receive support for a WatchGuard AP" and are stating that I need to renew my AP's to a newer model because…
-
Thanks, I saw that and already implemented it. It definitely reduces some attempted attacks and probes.
-
It looks like v12.8.1 now has this: Policies, Proxies, and Subscription Services * The Firebox now blocks incoming traffic from Tor exit nodes when the Tor Exit Node Blocking service is enabled. [FBX-22863]
-
Thank you for the answer. The AP432 Data Sheet stated "CROSS-PLATFORM BENEFITS - ...Centralized management to WatchGuard’s portfolio of products such as AuthPoint, Firebox appliances, and endpoint solutions", so I was under the impression that it was manageable by the gateway wireless controller, but I wasn't sure.
-
I figured as much. The curious item is that the localization is English (US) and all the other WebCenter pages are English except for the search page. Cleared the cache and it still happens. I'm not going to worry about it, I've got two other browsers to choose from that work fine.
-
Interesting. Firefox 98.0.2 has the page in English, Chrome 99.0.4844.82 is English, Edge 99.0.1150.46 and 1150.52 displays it in French. I'm going to blame this on Edge.
-
Thank you Bruce, that did it!
-
It looks like I have the latest, I'll open a ticket. Thank you. java version "1.8.0_281" Java(TM) SE Runtime Environment (build 1.8.0_281-b09) Java HotSpot(TM) 64-Bit Server VM (build 25.281-b09, mixed mode) *** Follow up *** Based on James comment, I uninstalled Java and reinstalled it without any success. I then pulled…
-
I just installed the host sensor on a Server 2008 R2 SP1 and the alert is "Host Sensor has a problem". The log has numerous entries: [Error] [thread:1728] [PEUtilities] CryptQueryObject failed with 2148081673 So you're not alone with this error.
-
It looks like it is now listed as a known issue for 12.5.4 - dhcprelayd process crashes and causes DHCP relay to fail
-
A reboot of the FB (which I wanted to avoid) and the workstation running FSM seemed to correct the problem.
-
This has been fixed in the latest update and searching geo_src now produces results. Thanks Watchguard! Dimension Update v2.1.2 Update 3 -- 9 January 2020 Resolved Issues in Dimension v2.1.2 Update 3 -Logging and Reporting --Geolocation data is now correctly included in Log Search results. [FBX-17970]
-
Thanks Bruce. I guess I could export in the Manager and then extract the data from there. Yes, it seems the logged line format/content is different between the Manager and the Search in Dimension (on prem). Hopefully your discussion will result in some new enhancements that will make the search more robust.
-
I do see the logged denies when searching with the term geolocation, but the logged lines do not show the country code. I am trying to easily see what countries are being blocked.
-
Thank you Ricardo. We had just come to understand what the Externally Remediated meant in the logs before you posted this. Perhaps the crash occurred, removing the .tmp file, and the TDR detected the file was gone and logged it as externally remediated. Being that we had just installed the TDR host that morning on this…
-
Yes we did implement it. We have 2,275 addresses (TOR and Compromised Hosts) in our alias list. We have 210 rules and the only slowdown we see is while opening the Firewall Policy Manager (M370).
-
Yes, that's it! I had forgotten about creating an alias list and using that as a deny rule. This is what I as looking for (although maintaining the TOR list will require diligence).
-
I'm familiar with importing IP's to the blocked sites list, but I was hoping for a more surgical method than blocking TOR exit node IP's across the board. This is an inbound connection I'm attempting to limit the traffic on, application control wouldn't help in this case.
-
Upgrading to 12.4.1 Update 1 fixed the problem. Under the resolved Issues in Fireware v12.4.1 Update 1: SD-WAN actions are no longer incorrectly applied to traffic directed at a Firebox interface IP address. [FBX-16341]
-
I see this has been corrected in 12.4, but I 'm not ready to leap back into that until a few other known issues are taken care of. spamBlocker Total Messages Processed value not accurate
-
Can a discussion post be changed to a question post by the author after the message is submitted?