Comments

  • Hi @ahude, We ended up dropping WatchGuard for another brand. Our firewall hardware was out of date and support had expired years before I posted this, so with no option of a firmware update or ability to log a support request, we made the business decision to move to a different brand. Sorry I couldn't be of more help.
  • Just an update on this, I still haven't solved the issue. I've tried creating routes on both ends to send traffic that is destined for the AD servers, that is from (and back to) the WAN interface on the Firebox, across the VPN tunnel. Can anyone help with getting a packet trace that is longer than 50 packets so I can…
  • Hi Bruce, So in a 'normal' BOVPN, can you let me know what steps would be followed to fix this issue? Thanks Scott
  • Are you talking about this help article: https://watchguard.com/help/docs/webui/XTM_11/en-US/index.html#cshid=en-US/bovpn/manual/manual_bovpn_ad_auth_example_c.html I assume when you say 'normal' you mean between two Fireboxes? If it is the above article, I might be able to replicate it with the AWS site to site VPN as…
  • Thanks Bruce, I enabled "Enable logging for traffic sent from this device" and found that the Firebox is sending to the DCs from the IP bound to the WAN interface. I tried the ping, specifying eth1 as a source and the DC replied. How do I force it to use eth1 (instead of eth0) as the source of the communications across…