KevCar

About

Display Name
KevCar
Joined
Visits
18
Last Active
Roles
No Roles
Points
3
Badges
0

Comments

  • BINGO!!!!! Its the SSO settings. I had to point the SSO on the other Firewall to the SSO agent on my domain controller.
  • Thanks, but I am not referring to Dimension. I am talking about the Dashboard on the Firewall Front Panel, Top Clients. I have another site with a Firewall and Domain controller. That site connects to the main Site over VPN. The main site Firewall d…
  • The DNS is different on the one that is not showing names. Doesn't explain usernames though. I have the SSO agent installed.on workstations. And I always thought that had something to do with it. I might read up on it and see. I changed the DNS on t…
  • Yep, using Text did work.
  • I just looked at a Sonicwall that has Option 156 configured. But its type is setup as String. Not sure if that is the same as text. Will try and find out.
  • Well scratch that. I just tried again and it seems to be working. The tunnel is up and staying up. Not sure why I was having so many issues before.
  • So for the 1-1 nat, do I put the ip of the internal user for the Host IP?
  • Yes, 1 user needs to access a server on the other end.
  • I just got another alert. This time its for www.altajan.com. Which is Business and Economy. This is allowed yet I got an alarm (email). Alarms are not configured for this category, just logging. So the category is correct. The traffic log shows it w…
  • I already have Exchange configured behind the firewall. I also have a couple of other public websites I am wanting to protect. The Exchange was just one site I was trying. The others also do the same thing. Just trying to protect all the websites us…
  • Thanks for the clarification. But even though I am doing all of this I am still not able to bring up the webpage. When I look at the traffic Monitor it shows a Unhandled External Packet. Which means there is no service configured. I did not read any…
  • Well, I was wrong. It still is not working. I actually had a rule pointing my public interface to the website I am trying to proxy. So it still doesn't work. Let me understand this, should the proxy port be the same as the Access portal? Right now m…
  • Figured it out. I have 2 internet interfaces. I was connecting to the wrong one.
  • ok, thanks. Any ideas on the Reverse Proxy? I changed the internal url to the servers name like https://servername. Still nothing.
  • I have tested it externally. Nothing comes up. I am assuming the webpage should just come up without a login prompt right? I might need to adjust the internal url. Wish there was a test button. But how do you add Nat Loopback?
  • I had this problem too. What I did was going into c:\users\username\appdata\roaming\ and delete the watchguard folder. It will create a new one. By the way anyone know how to read the dmp file? Notepad just shows garbage.
  • WORKING!!!!!!!! Switching to LDAP seems to have fixed the issue. Would rather use that anyway. Thanks for all your help.
  • Did a validation test at Yubico and it came back valid. So I am clueless as to what it is I am doing wrong. Maybe I should switch from radius to ldap.
  • With my password and what the yubikey enters it equals 53. 54 if you count the comma so its with in the limitation.
  • I am using the comma with no spaces. Not sure what I am doing wrong. Its is setup for OTP. Its been imported and my login attached. The slots have me a little confused though.
  • I think I am close. Inside the DUO console I see it trying to work. Says the Yubikey password is incorrect. Though I imported it correctly, maybe not.
  • Does it have to be LDAP? I have radius working already with Duo.
  • I have added it to the Duo account. I guess I just don't understand the process. After adding it then what? The Yubikey is attached to my USB port. I start the SSL VPN client. If I type in my password it activates the app on my phone. How does the k…
  • I can also confirm issues in regards to SD-WAN behavior. We have 2 Wan connections. For some rules I had a SD-WAN policy to just use one of the wan connections. After the update to 12.4 my web server stopped working externally. Turning off the SD-WA…
  • Thanks for the link. Although a pain it does give instructions on how to fix Firefox through group policy.
  • Well it didn't take long to run into another problem. Went to a news site and got this error. www.***.com is most likely a safe site, but a secure connection could not be established. This issue is caused by Fireware HTTPS Proxy (SN 91650503B5BCE 20…
  • Rebooting the Firebox did fix the issue. Its now using the default certificate. Downloaded the cert from the portal and imported it into the Trusted Root Certification Authorities and now its inspecting without errors. Thanks for your help.
  • I don't think thats necessary. Article clearly indicates that if you remove a certificate that was imported for inspection and you remove it, the Firebox will replace it with the default upon restart. I have not removed any Watchguard Certificates.
  • From a watchguard article: Do not remove a certificate from your Firebox unless you plan to replace it. If you remove a certificate and do not replace it, the Firebox automatically replaces the missing certificate with a default certificate if the …
  • I just read an article that indicates that I have to restart the Firebox