shaazaminator
About
- Display Name
- shaazaminator
- Joined
- Visits
- 163
- Last Active
- Roles
- No Roles
- Points
- 8
- Badges
- 0
Comments
-
You didn't mention how the other VLAN's were configured, but with HP (Aruba) switches this is how I would configure it. On the clients set the NIC for DHCP. Depending upon the NIC you may be able to tag it for VLAN's, but I doubt it. For the HP Swi…
-
Thanks Bruce, That is quite a thread. Yeah, I should update and I know that. Problem is too many users on domain joined pc's at home that can't update their SSL-VPN software or execute the .bat file required for IKEv2 connections without admin perm…
-
Opened up a ticket. Once there is a resolution I'll post it. * Doug
-
Go to Watchguard Cloud > Monitor > Devices > "your firewall" > Logs > Log Search > choose your date or date range > enter "admd" in the query Export results as .csv, open in Excel, and sort, filter, chart, graph to your hearts …
-
This just happened again last week right before I lost power for the past five days. TDR driver corrupts, causing WMI issues, making server unresponsive, resulting in Kernel panic. Only this time the server didn't reboot, I had to use the integrated…
-
DNS watch only says the firebox blocked the site. Frustrating I know.
-
Open Firebox System Manager, go to the Blocked Sites tab, highlight the blocked site and click the delete button on the lower right corner. Enter your admin password when prompted to delete the blocked site.
-
Hey James, I did that prior to posting, sorry I neglected to include that information. Today's AV updates: 12/15/20, 2:51:36 AM PST 20201215.45 Success Update success 12/15/20, 5:52:15 AM PST 20201215.45 Success Update success 12/15/20, 8:5…
-
I have a similar configuration at home, work network, camera vlan, guest vlan, wife work vlan ........ and it was running on a T-10. It worked but my Internet struggled even though I had the fastest speed I can get at home. Then I upgraded to a T-2…
-
Hey Mark, I would start by changing the network interface from Trusted to Optional or VLAN if that is really how it's configured. Next I would set up two outbound policies for the Wi-Fi (Optional) network, one for DNS and the other an tcp-udp any fr…
-
You could also try Watchguard Cloud if you are using that service. Find your device > Log Search > Date Range > search for "admd" in the Event logs. Here you can see exactly when each user connected and disconnected their VPN connection. Sa…
-
Noticed the same thing. Sorta hoped I would see [email protected] since everything is SSO and AD integrated. At least an internal IP would be nice, but no dice.
-
Not sure what PBX you are using, but I would check the log files for connection errors. Also, if your PBX supports it, run a firewall test to ensure all ports are available. If you find errors, adjust your firewall accordingly. Lastly, does your sof…
-
With your DSL Internet connection it would take about 18 minutes to download the 3 gigs, and almost an hour to upload the 4 gigs, which drastically surpasses the time frame given of about 40 minutes. Sure it isn't something internal, maybe a WSUS S…
-
Mixed bag of results with the powershell method. As a local or domain admin it seems to work pretty well. A couple times I've had to run it more than once to get everything working. End users with no admin privileges can get it to run, but no defaul…
-
Is that next to the milk Bruce? :-) I just tested that and it does resolve the issue. More of a workaround IMHO though. That information should be part of the Readme.txt file which is what people will be reading, also my opinion. Now that I'm on …
-
That makes sense Bruce, but what I don't understand is why all my outbound http/https policies utilize SD-WAN yet the Allow IKEv2 Users any/any policy chooses the slow connection. Now, correct me if I"m wrong, but I believe since the slow external …
-
Opened a support ticket. Have you tried turning it off and back on again? Problem resolved. :-) * Doug
-
Hi James, I've tried using the fqdn of the 3rd party certificate and by IP address with the same result. I have directed users to download directly from Watchguard for now. Odd the SSL-VPN users connect fine and the Access Portal displays and aut…
-
Hey James, I submitted it as a false positive. Thanks for the help. * Doug
-
You never mentioned the model of Firebox purchased, but if you own a M-470 and above you could add the optional module for additional ports.
-
The "Safe Search" doesn't really do much for Google Images. Works great for Bing though. You will need to edit your DNS servers in order to force Safe Search for google. This should point you in the right direction. https://support.google.com/websea…
-
I managed to enable the NIC on the device and it is now hard wired into the network.
-
Great work around solution. Instead of creating new Zones in my DNS infrastructure I would rather just check the box in the Proxy and have it work. Don't want to be mean, but isn't that why I purchased the Security Subscriptions in the first place?
-
Using Brave, which is a Chrome-esque browser. Folllowed the instructions in the article you posted. Disabled the Experimental QUIC Protocol in the browser, reloaded the browser, same result. NSFW :-( Per the article, I created a policy to block UD…
-
Finally resolved the issue. Onsite I have a Synology NAS running as a file server, and I just used the DHCP Server module of the NAS software to assign IP's to the different VLANs on the network. The Secure, Guest, and RING networks all connect with…
-
I still run an in house mail server, and like any good security approach I use a mulit-tiered system for Spam control. All email is ran through our ISP's "mailgate" and filtered for Spam, viruses, SPF records .......... and the majority of junk is c…
-
Sorry for the delayed posting. Made a trip to the remote office and ran a TCP Dump on the FW while trying to connect to either network on the VLANs. Running the pcap through WireShark I found that the client is sending out the Discover broadcast, b…
-
Yeah Bruce, I saw that and thought it a bit odd. Like the client isn't letting go of the IP, but this happens with all clients, PC's, tablets, phones, Apple computers..... Also it happens on both VLAN's 10 & 20. I just posted from vlan 10 as the…
-
Excellent tip Bruce! Thanks, * Doug