Comments
-
Or is there a way to see IPS logs / activity from WatchGuard Systems Manager utility?
-
Please correct me if I'm wrong, but when I updated my feature key, I had to log in to my WG account, and copy and paste feature keys for the 2 WG firewalls.
-
Thanks, I agree with you there. As soon as the Pen. test is over, I'll be removing this policy.
-
Sorry, is Any the wrong type? If yes, what else should I be using? Thanks.
-
From what I understand, IPSEC is for VPN
-
There's an IPSEC policy, but I wasn't sure if that's what I should be selecting.
-
I choose Any
-
I think that should be right? Please confirm.
-
I created an Alias with those IP addresses, then I created a new policy below. Is this right? I don't have the 'Enable IPS for this policy' checked.
-
Never mind, I guess on the VPN side since I can do that only on the VPN adapter.
-
Thanks, so I guess my question is do I do split tunneling on the VPN ethernet or Local ethernet?
-
@"james.carson", agreed, thanks
-
Thanks, @"james.carson", so there's nothing really I can do here, right? It's just a notification like you said?
-
I do have Vietnam blocked on the WatchGuard, maybe that's why?
-
Thanks again, we're good to go. The inbound rules were for the Windows Defender.
-
Sorry, I think I just need to open TCP 17472 on the client computers locally for inbound rule for Windows Defender. I appreciate your help.
-
So from any external to SNAT? Which would be my public IP to single IPv4 or to 'Any-Trusted'?
-
"You can create a Custom Packet filter for TCP 17472 and use that along with a SNAT, on an incoming policy." Ok thank you. For the SNAT (Port Forwarding?), I need to map my public IP to an internal IPv4?
-
Sorry, I think I got it. Am I right? 'Tanium' connections are allowed 'From' Any-Trusted 'To' Any External.
-
This is what I have now, so I need to add the custom packet filter named 'Tanium' I created to 'From'?
-
I created a custom packet filter named 'Tanium' and added TCP 17472, 17486. But I'm not sure how to add that to outgoing policy.
-
Makes sense, like here https://www.youtube.com/watch?v=xBRval7y9Js
-
I opened a case with WG support.
-
Is there a way to see what the FQDN is now?
-
Basically, I changed my account's UPN to company.com, and tried to VPN, and I couldn't. So I used LogMeIn to connect back to my work computer, then remoted in to AD, and changed my UPN on my account to company.local, then I was able to use the VPN.
-
I'm using a static public IP on the WatchGuard Mobile VPN client. Then I just type in my AD username (mjackson), and my password.
-
Thank you
-
Thanks, so I can check 'blocked ports list'? Where would I find that?
-
ok thanks
-
ok thank you, is there a reason why it's not possible to edit the policy? It would be easier, right, vs having to delete and recreate.