james.carson

Hello WatchGuard Community users, If you need personal or confidential support, please create a case by clicking the support center link on the top right of this page, and creating an online technical support case. I am unable to provide support via PMs in the forums. Thank you, -James Carson

About

Display Name
james.carson
Joined
Visits
820
Last Active
Roles
Moderator, WatchGuard Representative
Points
384
Badges
7

Comments

  • Hi @tantony When you make a configuration change, the change is replicated onto the other cluster member automatically.
  • Hi @kcarpenter If the exception isn't working, it's likely being picked up as a false positive. I'd suggest creating a support case so that we can assist and take a look at your logs (please don't post those logs here as they may contain personally identifiable info.) You can create a case by using the support center link…
  • Hi @TestingTester Do you have a case number that I can look into? Feature keys can be updated manually in Firebox System Manager or the WebUI.
  • Hi @xxup The mail might be coming from elsewhere -- Best thing I can suggest would be to create a support case, and the team that handles that product can look into it. If you have a copy of the email, I'd suggest dragging out of your email program (so it creates a .msg or .eml file with the headers, etc) that may be…
  • Hi @ThomasT I added your bug to that case so that you can be notified of any changes to that issue. It looks like the team was able to start working on the issue again (bugs often pause, or stall waiting for other components to update.) There is a KI related to your issue here:…
  • Hi @efes9999 The MSChapV2 limitation is of the client in Windows -- most customers push the authentication to a MS NPS (Network Policy Server) to handle the MSCHAP portion.
  • We're encountering a cert that we're not expecting if you see this -- the cert from the Dimension server should be in the WGD file that you import into the firewall. Is the cert the Dimension server is presenting valid (for example, has it expired if you examine it?)
  • Feature request FBX-23503 created. Please create a support case and mention FBX-23503 somewhere in it if you'd like to follow that request.
  • Hi @Green_Level I'll pass this along to our product team. Thank you for the feedback.
  • Hi @Charyl89 You can enable guest users in WiFi Cloud -- Please see: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Wi-Fi-Cloud/analyze_guestmanager/guestbook/create_guest_users.html Is this the feature you're looking for?
  • Hi @cabbagehead With an expired license, you can't upgrade the Fireware version on the firewall. You can find more information here: https://www.watchguard.com/wgrd-support-services/overview The firewall will still continue to run, and work on the version it is currently running.
  • Hi @davide_evomatic I'd suggest creating a support case (use the support center link at the top right of this page to do this) so we can assist. We can get your account info and determine what response you should be getting via the case -- unfortunately there's not enough information here to help.
  • Hi @tolcheen If the users want to use phones as their device(s) you'll need an account for each of those users. Multiple hardware tokens can be assigned per account, so we generally recommend using those if a group account must be used. Since authpoint has no idea what user is requesting a push in that type of environment,…
  • Hi @DavidF This error can be caused by a number of issues -- I'd suggest opening a support case so that we can assist in looking at your logs on that PC to help determine what the specific issue is.
  • Hi @Masterpieceis It's not possible for you to do this -- it's embedded into the WSM/WSC install. I'd suggest opening a support case and attaching the vulnerability report, as well as what version of WSM you're using (you can find that in help -> about WatchGuard in WSM.) WSM/WSC does use OpenJDK/JDK, but the…
  • @giox069 @xxup There should be an option in your SMTP proxy to not add x-watchguard headers to the mail. See: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/smtp/proxy_smtp_headers_c.html
  • I would suggest against using the auto-block on unhandled feature unless you have a very specific reason to do so. Anything that matches this rule would have been dropped by the firewall anyways. For example, the default connation timeout is 2 minutes. A client sends a email to a SMTP server that is busy. It responds with…
  • @gveld If the postage meter is making the attempt on the same connection, you'll only see the initial deny line. (Log line = 1 connection) The easiest way to ensure that it's using a new connection is to reboot it or the firewall, which will force a new connection. As far as I'm aware, the traffic the meter is sending…
  • Hi @Porkchop I see your pain point, but I'm not really sure how to make an improvement in your case. What would you like the menu to do? I can see having a drop down of 100 items being just as frustrating. -If you start typing, it should start to autocomplete -- unless the host names are very similar. -Consider using the…
  • Hi @xxup Alerts will generally go to the email in Administration -> My Account in WatchGuard Cloud. (Look for the email column, the user name is sometimes also an email, but not always.)
  • Hi @FastKit You'll generally see bad gateway if you attempt to access an access portal resource and aren't authenticated. -For WebUI, please make sure you're appending the port to your URL (8080 by default) like https://10.0.1.1:8080 -Try opening a new tab/browser window, and use Incognito/InPrivate mode to ensure you're…
  • Hi @TestingTester The emails are an attempt to ensure that customers are aware management ports have been or are open to the entire world. -12.7.2, 12.5.9, and 12.1.3 upgrades are provided for supported devices (even if they have expired support contract.) -Emails are sent to WatchGuard account's email addresses that are…
  • Hi @ypflewnix I'd suggest opening a support case so we can get more details about what might be happening -- it could be an issue with the FTP proxy, or it might be an issue with the server. It's difficult to tell without more information.
  • Hi @Maarten You can test if the SNAT is working by adding "Any-Trusted" to your rule's from field and then trying to connect to the RDP from another computer to the external IP/port. If it works internally that way, it's the internal computer refusing to respond to an external IP. I would strongly suggest using a VPN like…
  • @xxup Without any other info to work on, my hunch is that the upstream device is shutting the connection down unless it sees something specific (perhaps a internet connectivity check from windows, or a DNS query) and simply not bringing it back up till it sees that again. If you're able to, I would suggest querying the…
  • Hi @TestingTester If you have any feedback on any of WatchGuard's products, I'd suggest taking them to http://www.watchguard.com/support/feedback.asp.
  • Hi @Ahmedelhosseiny2022 You're welcome to export the configuration from your firewall, but we do not provide any tools to convert the config file to that of our competitors. I would suggest asking ForcePoint for such a tool.
  • Hi @"[email protected]" Cloud logging is designed to be part of the basic and total security program. Data retention is an add-on to that. I'll see if I can get any information on the SKUs being available in the MSSP program, but I'd suggest also mentioning this to whomever you work with in WatchGuard Sales.
  • @juergen_on_fire I'd suggest checking the diagnostic tasks (In firebox system manager, Tools -> Diagnostic tasks, select DNS lookup.) (In WebUI, system status -> Diagnostics, network tab. Choose DNS lookup.) Can the firewall resolve the name that you're using in the FQDN? The firewall will use whatever DNS server is…
  • Hi @TestingTester There's multiple layers of security baked into management on WatchGuard cloud, including TPM hardware on all of our newer devices. For customers that opt to not use cloud management, we still offer management via the System Manager tool, the WebUI, and the command line of the firewall itself. If you have…