Comments
-
I apologize for not answering sooner... I was sick the past couple of days. Unfortunately, in my case I'm not synch'ing my VPN users with AAD... JUST to WatchGuard Cloud. So, I've issued unique username/password pairs to users in WatchGuard Cloud (who may or may not have an account in AAD) and then require the second…
-
Yes. That'll be fine, thanks. Ah! I see... Let me give that a try... Again, thank you.
-
Again, thanks. My issue is simply HOW do I do it? If I "Add an SD WAN action" I have choices of either Failover or Round Robin. I simply want to specify a specific Interface. Like I'd do in PBR, right? It is possible that I am exceptionally ignorant, but I do not see how one accomplishes this.
-
Thanks for your reply. I've read that page multiple times. And THIS is precisely what has me confused: I don't want or need my External interfaces monitored, and I don't want a "failover" action. And I don't want traffic balanced round robin across the External interfaces. I want traffic from Trusted Interface X to go to…
-
To close the loop on this: We finally configured and got this working a couple of weeks back... "this" being AuthPoint 2FA and our VPNs, with users specified in the cloud. Not only does it work, but it works GREAT. Not to winge too much, but it'd be even greatER if you could use a "standard Authenticator" (like Google…
-
@"james.carson" I was coming here to once again complain about SSLVPN support and ARM and such... but after reading your reply above that said (in part): I decided to setup an IKEv2 MUVPN, and try to use it from my ARM tablet. Setup on the Firebox was a bit confusing, but once done... setup on the CLIENT was trivial and…
-
It's a shame nobody from Watchguard is stepping up to answer these questions -- never mind fixing the underlying problem that's plaguing us and would take their developers an afternoon or less to fix. WTF? Let's see if I can help: ISTR that OpenVPN is revising their client code. I know that some very significant work was…
-
@Alexandre_Cagnoni ... that's great news, thanks. Peter
-
Not the best of my knowledge. And no... no solution so far. Frustrating. Peter
-
Thank you, Mr. Carson. Peter
-
Will somebody post something here, please... when this feature ships? I’ve been looking for a long while.... Peter
-
Not as far as I've been able to tell... and I've been eagerly awaiting this. Peter
-
Glad to be able to help. Why the Watchguard team hasn’t added support for ARM64 is behind me. It’ll take them, literally, a couple of hours at most. Watchguard is such an exceptional product in so many ways. But when they’re blind to things, they can be really blind. This is One of those things, I guess. Peter
-
Just to close the loop, I've finally had the time (and requirement) to try this: Using the TAP driver from OpenVPN works like a charm. I installed the Watchguard SSL VPN package. THEN I installed the OpenVPN package from here. Fired-up the Watchguard SSL VPN GUI...and presto! everything works. It really would be very easy…
-
And it seems there IS a version of the OpenVPN TAP driver built for Windows On Arm: https://github.com/OpenVPN/tap-windows6/issues/75! So... there is hope.
-
Thank you again for your quick reply. OK. All your devs need to do is rebuild the driver to target ARM64, just like they build it to target 32-bit x86 and 64-bit x64. And alter the installer to install the right version. It’s not like it’s a lot of work. It will take one dev an afternoon. Including testing. I absolutely…
-
Thanks for that reply. First, Windows On ARM is most emphatically not WindowsRT (which was a Windows 8 operating system for the long discontinued Surface RT). Second, as a professional driver developer with some experience, I don’t understand why you would say that support for SSL VPN is “a limitation of” the Windows…
-
@Alexandre_Cagnoni Thank you! Yay! :D Exactly what I was hoping for. Eter
-
Sorry... what does that mean? My goal is 2FA VPN through my Firebox with no local server or relaying client. Is there a configuration that’ll let me do this? I’ve been in search of an answer for months, and was told “no”. But if the answer is “yes” I’ll be very happy. Peter
-
I’m confused. Can somebody PLEASE explain a bit more if this is possible or not, and if so how. And, yes... I DID read the thread cited and the doc page that thread cites. I still don’t get how this gets us 2FA on Authpoint. I’m sure I’m being dumb... but I’m no expert on Authpoint. I’d really appreciate the help. I’m…
-
Thanks for the reply. Sigh! It’s unfortunate that the Gateway is required, and the firewall can’t talk directly to Authpoint in the cloud. We’ve just spent the last year getting RID of on prem servers of all types, to the point where we have no critical infrastructure on prem at all. No ADs, no email, nothing. So, I’m…
-
Bump?