james.carson
Hello WatchGuard Community users,
If you need personal or confidential support, please create a case by clicking the support center link on the top right of this page, and creating an online technical support case.
I am unable to provide support via PMs in the forums.
Thank you,
-James Carson
Comments
-
@GeorgeWillow Yes. Create a support case and mention FCCM-4622 in the case, and that you'd like to follow that feature request. The technician that is assigned the case can set it up to do that for you.
-
Hi @devnull4u A log message like this would generally suggest that some of your logging may be turned up past error, or that the 3G/4G modem feature of your T80 is enabled but isn't finding a device. We'd be happy to help fix this issue for you, but we'll need more information about how your firewall is configured. Please…
-
Hi @Alex_S If you want to follow or get status updates on this feature request, please open a support case and mention the feature request number The status of these request currently is: FBX-4651 - SUN-RPC <- Closed FBX-16085 - DCE-RPC <- Open but no updates
-
Hi @GeorgeWillow There is currently a feature request open for the ability to turn TCP SYN checking off for cloud managed devices. This is FCCM-4622.
-
I created a feature request for you - this is FCCM-8192. Please create a support case and mention FCCM-8192 somewhere in the case if you'd like to follow this request. The tech that is assigned the case can set this up for you.
-
Hi @markhudy It's not uncommon for Intel to release driver updates - would it be possible for you to post your driver version so future folks that stumble on this can try to match it up? Thanks for posting your solution.
-
Hi @Sam_Cotton_01 It depends on what module you're using. If your module only has two ports, it's probably this one: -WatchGuard Firebox M 2 x10 Gb SFP+ Fiber Module (WG9020) It will only accept 10Gb SFP+ modules (so you can't mix a 1Gb module in, for example.) See the article here for more information on what each module…
-
Hi @Farsight_Tech_Nordic The firewall itself doesn't see a difference between a 3G, 4G, or 5G modem - it treats them the same way. The list of supported devices in in the article here: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/networksetup/modem_interfaces_about.html The T45-CW supports…
-
Hi @ovwg There's an existing feature request for this feature, it is FBX-19172. If you'd like to follow this request and be notified of any news regarding it, please create a support case and mention FBX-19172 somewhere in the case - the technician assigned the case can set the case up to do that for you. If your users are…
-
Hello @Tytanmus After the initial quick setup wizard, the only ports that are configured are ports 0, 1, and potentially 2. -If you are not getting a DHCP address, DHCP is very likely not enabled on that network. -If DHCP is not set up, you likely will also not have a DNS address assigned by the DHCP server. I would…
-
Hi @krstffrcrvnts Microsoft lists all of their domains they use for those services here: https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide -I would suggest using a tool like firewatch in the WebUI of your firewall to see where your bandwidth is actively going.…
-
Hi @OCCC_IT The WebUI and the SSLVPN client are two separate things - they don't really relate to each other in the way that you're suggesting. -If you are using RADIUS to connect to an authentication server that supports MFA, the MFA server is what decides what type of authentication it will accept. -If you are using…
-
Geolocation blocking happens before exceptions for the HTTPS proxies -- most customers that want to block international address generally just allow whatever is trying to update to retry until it finds a server in an allowed region.
-
Hi @mbhalla Authentication for the mobile VPN is via username, so that is what appears in logs. You can search for the user's username in logs to see them.
-
Hi @the_jonathan Check to see if your upstream NAT devices are forwarding and allowing that IPSEC traffic. Specifically ESP traffic. There's a reason we generally recommend NAT devices not be in front of your firebox, and this is one of them. Your logs are not sanitized (I can see the destination IPs in your logs) and I'm…
-
Hi @WatchGuardKieran By default the AuthPoint Gateway's RADIUS component will listen on port 1812. If you require a different port (or if there is another server listening on port 1812 on that server, like NPS for example) you can change it by changing the port number in the first screenshot you took. If you'd like to…
-
Hi @Norman There's a feature request for this already -- it is: FBX-3998 - Multi-WAN support for IPv6 Please create a support case and mention FBX-3998 if you'd like to follow that request.
-
Hi @TechNerd Please try to view the certificate -- that will probably give you more information about what's going on. -If the certificate says 'proxy authority' or has your firebox's serial number in it, the user may need to import the proxy authority certificate from the firewall. You'll see this type of error if the…
-
Hi @Maxspeed There is an existing feature request for this. It is FBX-9922. Please create a support case and ask to follow FBX-9922 if you'd like notifications on this request.
-
Hi @Philmax I have asked the support lead to escalate your case. It should be assigned a new technician from that team shortly. Thank you.
-
Hi @Philmax Can you please reply with your case number so that I can have my support lead look into your case. I can't do anything for you unless you reply with your case number. If you'd prefer to keep that private, please reply in your support case that you'd like it escalated to a manager, and the technician currently…
-
Hi @Philmax If you haven't already opened a support case, I would suggest doing so. If this is for an existing support case, can you please reply with the case number so that we can look into the case for you? If you are using Windows, the classification of the drive (external/internal) is derived from Windows - if you…
-
Hi @Robert_Vilhelmsen If you've verified these are ZIP files that can be opened, I'd suggest opening a support case for this. The AV service will attempt to expand any file it thinks could potentially be an archive, so it's not uncommon to see errors for things that don't end up being archives or can't be opened. If the…
-
I would suggest opening a support case so that we can get more information about what/how this is occurring
-
In application.log, we're getting an error response back from your LDAP server: AcceptSecurityContext error, data 52e, v4f7c (52e is invalid credentials, which is about as generic as these errors can be.) I would suggest checking the logs on your LDAP server - they may have more information.
-
Hi @Adam At this current point in time, the firebox only supports that one sampling method. (Configure NetFlow) https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/basicadmin/netflow_configure.html If this is an issue, I would suggest opening a support case so we can gather more details about your…
-
@tb7108 In policy manager the global failover settings are in Network -> Configuration, in the multi-wan tab. You'll need to make the other interface your primary there, and set a SD-WAN action in each policy to override that back to what you had.
-
@blabarbera The connection will fail if the certs are not identical. The only way that I've seen this work is if the same exact cert is used on both firewalls.
-
It would depend on what windows is pointing at for default gateway/default route. If it's pointing at something other than the firewall (or if the users are connected to a VPN, for example) that might change. You can see what the current routes are in windows by typing 'route print' on the windows command line.
-
If you're seeing a 404, it's very likely the SSLVPN download page was disabled. You can see how to enable it and disable it here: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/mvpn/ssl/configure_fb_for_mpvpn_ssl_c_before.html#ClientDownloads You can find direct links to download the SSLVPN…