Comments
-
I ended up raising a case with WatchGuard support and they advised to add the AuthPoint Azure AD Integration IPs to the Trusted IPs feature in Azure AD, which has worked and resolved the problem. Azure Active Directory > Security > Multifactor authentication > Getting started > Configure > Additional cloud-based MFA…
-
I'm getting this as well with v12.9.B672226. Same as you I haven't been pressing yes for now, as I don't want to loose the TDR config. Has there been any update on this or are we wait for a new firmware release to resolve it? Thanks.
-
Not specifically APT but any of the TDR functions? Do they need to be behind the firewall for any of the TDR functions to work? Thanks.
-
Thanks again James. So if I have mobile users, does TDR still continue to function when they are not behind our Fireboxes or is it dependent on host senesors being behind a Firebox?
-
Thanks for the reply James. So is it generally recommended best practice to enable it? How come its not enabled by default like the other settings?
-
Thats is actually what I wanted to do earlier in the year but I was told by a mod on here that I couldn't and that: "-L2TP and IKEv2 can log in via RADIUS or Firebox-DB. If you want to use Active Directory with either, you can use the NPS (Network Policy Server) role in Windows to act as a RADIUS server and tie those…
-
They're just standard mapped drives that work when they are in the office. Mapped via the UNC path \computername\sharename
-
Thanks for the great replies @James_Carson and @Bruce_Briggs That pretty much kills this for me then if its going to break the BOVPN's as all our servers are in Azure so we need that BOVPN to Azure. Though it could be a blessing in disguise as it will force them to go for the L2TP MUVPN service on the Firewall sooner. So…
-
Thanks for the great reply @James_Carson I definitely want to get them on the L2TP VPN service on the Firewall eventually but that might be a bit of a longer battle as they want to stick with what they know and I'm introducing change a bit at a time and getting this working in the short term as a stop gap. So will…
-
I think that might have done it thanks. Works on my tests at my site. I'm just getting the users at that office to test and confirm it's fixed it for them. The exact setting is: VPN > VPN Settings > Tick 'Add a policy to enable outbound IPsec pass-through'
-
I had a helpful post on Spiceworks that pointed me in the right direction to fixing this. Here's what I did: Edit HTTPS-Proxy > Edit Proxy action > WebBlocker > Edit Proxy action > HTTP Proxy Exceptions > add *.msauth.net
-
Is that you who has replied on Spiceworks Bruce?
-
Thanks for the reply Bruce. Doesn't look like V12.4 Update 2 is out yet so I updated to V12.4 Update 1 and that seems to have fixed it as well. School boy error not trying the latest update first. Thanks again :)