Comments
-
Never mind, I guess on the VPN side since I can do that only on the VPN adapter.
-
Thanks, so I guess my question is do I do split tunneling on the VPN ethernet or Local ethernet?
-
@"james.carson" , agreed thanks
-
Thanks, @"james.carson" , So there's nothing really I can do here right? Its just a notification like you said?
-
I do have Vietnam blocked on the WatchGuard, may be that's why?
-
Thanks again, we're good to go. The inbound rules were for the Windows Defender.
-
Sorry, I think I just need to open TCP 17472 on the client computers locally for inbound rule for Windows Defender. I appreciate your help.
-
So from any external to SNAT? Which would be my public IP to single IPv4 or to 'Any-Trusted'?
-
"You can create a Custom Packet filter for TCP 17472 and use that along with a SNAT, on an incoming policy." Ok thank you. For the SNAT (Port Forwarding?), I need to map my public IP to an internal IPv4?
-
Sorry, I think I got it. Am I right? 'Tanium' connections are allowed 'From' Any-Trusted 'To' Any External.
-
This is what I have now, so I need to add the custom packet filter named 'Tanium' I created to 'From'?
-
I created a custom packet filter named 'Tanium' and added TCP 17472, 17486. But I'm not sure how to add that to outgoing policy.
-
Makes sense, like here https://www.youtube.com/watch?v=xBRval7y9Js
-
I opened a case with WG support.
-
Is there a way to see what the FQDN is now?
-
Basically, I changed my account's UPN to company.com, and tried to VPN, and I couldn't. So I used Logmein to connect back to my work computer, then remoted in to AD, and changed my UPN on my account to company.local, then I was able to use the VPN.
-
I'm using a static public IP on the WatchGuard Mobile VPN client. Then I just type in my AD username (mjackson), and my password.
-
Thank you
-
Thanks, so I can check 'blocked ports list'? Where would I find that?
-
ok thanks
-
ok thank you, is there a reason why its not possible to edit the policy? It would be easier right vs having to delete and recreate.
-
So there's no way to modify the current policy, so I have to delete this and use the SMB policy?
-
thank you
-
I have more than computer that I like to apply this rule to, so I'll also create an alias for these computer and put their IP or FQDN in it.
-
ok thanks again
-
Ok thank you, since you were the one that answered the one in my link.
-
Thank you, I never heard of Brave browser. But is there a way to block it from within Firebox?
-
Thank you, that's what I was looking for
-
I would love to hear someone from WatchGuard's opinion on this. If this is true, aren't all VPNs illegal? I'm talking about the CMMC part.
-
ok thank you, I was just checking to see if there's a Windows setting.