Comments
-
Hello all, Please review the following Kbase article. https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA16S000000BbnNSAS&lang=en_US
-
Hello Merjin, You protect the host with MFA. See https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/authpoint/logon-app_about.html "...To protect the RD Gateway server itself, you install the Logon app on the server. To protect the hosts behind the RD Gateway, you install the Logon app on the hosts....."
-
@RafaelSOCNET hello Rafael, See below https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA16S000000SOCGSA4&lang=en_US "....Q: What if there isn’t a supported release of Fireware for my firewall appliance? A: WatchGuard has released remediation support for an extensive population of Fireboxes including every…
-
This defect affected the latest firmware and running the tool from the Management Server. This issue is resolved in WSM v12.7.2 Update 3 which is already available for download.
-
That's if you use the Web Detector and a snapshot. I was referring to scanning the device directly using WSM / Tools / CBD / enter device IP and admin login instead of via the Management Server. We'll update the KB article with the inconclusive result when scanning with the former.
-
It's the wording they used. The auth page isn't a 'management interface'.No admin anything here.Management users cannot auth. against the Firebox-DB. This part is correct.
-
Back online and servicing upgrade requests..
-
Which CB tool are you using, Management Server ? Try WSM / Tools and connect directly to device. If the scan errors out, check https://techsearch.watchguard.com/KB?type=Known%20Issues&SFDCID=kA16S000000SOJ2SAO&lang=en_US .... if you're running the latest firmware.
-
Hello Perry, You might be using an encrypted version of the support snapshot. Pull it from FSM / Status Report / Support or Web UI / System Status / Diagnostics
-
Hello Greg, You're correct. It's just how they worded it.
-
@Bruce, Correct Bruce. I've only highlighted the dynamic one. "...saved for later use..." as in until the TTL expires. Should've been more clear here.
-
@greggmh123 Hello Greg, Correct on Alias vs IP. Not exactly. When you use an FQDN, it's looked up via DNS when policy is saved and save for later use. The "...other alias..." piece refers to.... "...From field: ::/0, 0.0.0.0/0, Any-External alias, Any alias, or any other alias for an external interface...." This was…
-
@WGM https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA16S000000SOJMSA4&lang=en_US
-
30 July 2021: WebBlocker Cloud server unavailable in US region https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA16S000000Fx2HSAS&lang=en_US
-
thanks Robert, Glad we got the exceptions issue sorted. "...It works through with the exclusion in the proxy policy, but i still get the SSL err 1 logged. Is this expected?..." Yes on the A channel (external) alongside exception match (if Log enabled).
-
Hello @RVilhelmsen "...Connect SSL Error [ret -1 | SSL err 1 | Details: ssl3_read_bytes/sslv3 alert handshake failure] Domain: angf225hyrme5n3xn5tbclqteu.a.ecaserver.eset.com...." This error is caused by the server side requesting the client certificate which the proxy does not have and cannot provide during TLS…
-
Hello RZX, "...Log store for how long? Depending on disk capacity? ...." By default yes. Disk size - 20% = log/report data storage. Dimension will fill this space up to 95% then will start to FiFo data. You can control data retention by days from Server Management / General / Database size.
-
What was the result, Connection Refused ? What if you run the same test but with a :8080 suffix ? *you'll need to open the webUI policy to Any-External temporarily... It could be falling apart during TLS negotiation but the like versions on both don't seem to support this idea. It's the same server that server the webUI,…
-
What's the result from an external SSL test ? https://www.sslshopper.com/ssl-checker.html
-
Hello Greg, Just wanted to highlight some of your results and suggest other, more reliable, testing methods. https://downdetector.com/companies/ - these are the only companies that the downdetector is tracking. Otherwise it'll display the error that it was not able to find the company you were looking for. ping…
-
Hello Greg, Which platform. Working here.... Ralph
-
Thanks. Rule 1052848 was removed for re-tuning in signature releases v18.151 and v4.1158 which just went live this morning. This is also documented in the following Known Issue article https://techsearch.watchguard.com/KB?type=Known%20Issues&SFDCID=kA16S000000XeQwSAK&lang=en_US
-
Hello Robert, We'll get a new Known Issue logged for it and investigate closer. If you could elaborate on your SSO environment then that would be appreciated. SSO Client, ELM .... any client commonalities ? Ralph
-
Hello Manley, False-positive. Please see this Known Issue that was published. https://techsearch.watchguard.com/KB?type=Known%20Issues&SFDCID=kA16S000000XeM6SAK&lang=en_US Run manual IPS signature update to roll-back to signature set 18.146. Ralph
-
Hello Ian, No. Please submit a handful of samples so they can be analyzed. There must be a common denominator somewhere if you're seeing that many false positives. https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/spamblocker/spam_report_false_c.html Ralph
-
@jesseg No. Ideally you want to release the message to the end user then "Forward as Attachment", if using Outlook, to the submission address. Save As option saves a stripped down version of the message (similar to Outlook's Save As txt) where most main headers and message structure are stripped off. In email, you always…
-
Thanks for reporting. These were exposed in 12.6.2 and are harmless. You'll see these at log rollover which is around the 500K mark. Depending on your Traffic log activity, you may see this more frequently than others. Logged as a defect.
-
Hello Louis, In Firebox System Manager / Traffic Monitor Or in webUI, Dashboard / Traffic Monitor, filter for dxcp while trying to enable Dimension Command. This will shed more light on the issue. Dimension Management is pretty limited compared to the Management Server which is a full blown command center. in Command, the…
-
Hello Kostas, You might be running into https://watchguardsupport.secure.force.com/publicKB?type=Known%20Issues&SFDCID=kA10H000000bp1LSAQ&lang=en_US Auth communication between the SSO gateway and the Firebox was the culprit here and required a Firebox side fix. The fix will be in the next version of the Firebox firmware.
-
Thank you Adrian, that's what we're exploring....