James_Carson
Hello WatchGuard Community users,
If you need personal or confidential support, please create a case by clicking the support center link on the top right of this page, and creating an online technical support case.
I am unable to provide support via PMs in the forums.
Thank you,
-James Carson
About
- Display Name
- James_Carson
- Joined
- Visits
- 333
- Last Active
- Roles
- WatchGuard Representative
- Points
- 92
- Badges
- 2
Comments
-
Hi @PeterGV I'm referring to WindowsRT as the ARM platform, which the surface you mentioned was part of. As far as I'm aware, no VPN apps work with the ARM based variants (I may be incorrect here) -- however, WatchGuard's SSLVPN is based on OpenVP…
-
Hi, @PeterGV The ARM based processors won't work with the WatchGuard SSLVPN. You can use the L2TP VPN which is supported by Windows 10's built in VPN client. This is more of a limitation of the WindowsRT platform rather than a limitation of the S…
-
Hi Bruce, You have to put a formatting tag around it. There isn't anything specific for : D. code> :D /code > (add the open < to make that work)
-
Hi @jmsoares91 The CA that the block page you're seeing is signed by a public CA -- but it's not signed for the domain that your browser is looking for. There will always be a certificate error here, as there will be a cert name mismatch. Thank y…
-
Hi @Bruce_Briggs It's a link at the bottom of the text box that pops up when you post. It links here: https://en.wikipedia.org/wiki/Markdown
-
Hi @Bruce_Briggs I can certainly have the team that manages the forums look into it -- the markdown just lets you do it now by adding a tag. I'll see what I can do.
-
@Bruce_Briggs Try using the markdown features like the code tag. It makes the weird formatting go away. [email protected] and :D :P should show up without any weird formatting
-
.
-
Hi @Ronnie * So long as Azure MFA supports RADIUS and passes the SSLVPN group (SSLVPN-Users) as Radius attribute 11, it should work with no issue. * WatchGuard's MFA solution (AuthPoint) has a RADIUS server built into it's gateway software. This…
-
Hi @BrianSteingraber The zip folder (for most reports) contains JSON data for the report to be rendered locally. There's usually also a direct link to the PDF, etc in the message text itself. Are you able to click the link in the email to access …
-
Hi @HRM One of the first template rules you'll want to make to the device will be to have your Management server's IPs in the WatchGuard rule. Most of our partners do this by making a new rule (calling it WG-server-access, or something similar, us…
-
Hi @HRM Are you able to open Firebox System Manager from the management server? That will tell us if we can connect to the device directly. I'd also make sure that the "WatchGuard" rule has the external IPs of what you're connecting fro…
-
Hi @KevCar It's super easy to make a typo, but unfortunately all of those items are required for an IPSEC tunnel. I'd suggest just keeping an eye on it and seeing how it goes over a few days.
-
Hi @VerionIcsa For something this specific, I'd suggest opening a support case with WatchGuard Technical Support. You can do this by using the support center link at the top right of this page. The technician will likely want to see your logs fro…
-
Hi @Devotec The firewall won't be able to kill an existing connection by rule, but if an appropriate deny rule is made, should stop new connections. The connections will generally end by themselves eventually, or the connection can be interrupted …
-
Hi @Ricki_Briggs, There's no way to make the SSLVPN client log this locally. If you're looking to run a script after logging in, I'd suggest looking into the OpenVPN client, and using that with the OVPN file you can download from the firewall.
-
Hi @Greggmh123 The gateway config is in the SSLVPN config that is downloaded, but the TAP driver has nothing to do with that config. It's part of the SSLVPN install itself.
-
Hi @DRJC That's not really expected -- I'd suggest opening a support ticket using the support center link on the top right of this page. That'll allow the TDR support folks to take a look at it and help. Thank you,
-
@Sam_Cotton_01 WatchGuard doesn't have any program like that (we do offer significant discounts on new firewalls to schools, however.)
-
Hi @CodyP I'd suggest opening a ticket if that won't work. If the fix that gets applied on the client (tap driver) is what fixes it, it's doubtful a change on the firewall will correct it.
-
Hi @ANC The link is unique for each user, and there is no authentication. The only way to protect the account on quarantine is to protect the link. If security of the account is your primary concern, I'd suggest adding to the subject line of the …
-
Hi @WIP Since you have two NAT routers (the firebox, and the orange device) this could be happening on either. have you tried removing one of the routers to see if the problem persists? If you're still running into this issue, I'd suggest opening…
-
Hi @Marcojakko Most of the items that you can set up notifications for also have reports that can be run that are associated with them. Email notifications are generally for people that'd like instant notification. What specific alert items are y…
-
Hi @Norman This is the firewall trying to set the ring buffer for one of the interfaces -- this isn't supported on all virtual appliances NICs. So long as the NIC is operational, it can be ignored. Thank you,
-
Hi @Norman You can shut FireboxV and XTMv hard off just like a hardware firewall. You can also shut it down from firebox system manager in the File -> Shutdown menu. Whichever is easier.
-
Hi @OceanKicks The firewall will handle the VLAN routing like any other network -- there needs to be rules for it. If you configure the VLAN on the firewall, it will appear as an aliased item when you go to make a policy. You can then put that VL…
-
Hi @uffced The error PR_Connect_Reset_error is usually because the TLS profile is not configured correctly on the HTTPS proxy that hit the traffic. Please do the following: Go to WSM - Policy Manager - Edit HTTPS proxy that traffic uses - Edit Pro…
-
Hi @eqcrbs03 I'd suggest opening a case for this, like bruce said. If you have access to the logs on the cisco side, that could be useful for the case as well. My best guess based on what we're seeing is that one side could be timing out -- but w…
-
Hi @Paul_R_Canada -- Opening a case for authentication is the best thing -- so we'll go with that. Any sort of troubleshooting will likely involve logs with names, which is best kept private there. Thank you,
-
Hi @sinuxjoey and @wander The development team has opened a feature request to handle the reported incompatibility for the SSLVPN client. That feature request is FBX-17621. The VPN team is currently working on this, but we don't have an expected …