Comments

  • I wish there was something more clear cut, but at least I understand it now. Thank you both.
  • We entered the IPs into the Blocked Sites Exception list. It's confusing based on the support ticket we opened about it. We were told "We do not have a publicly available document about the order of operations of the Firebox" and they couldn't point us to anything that said Auto-block sites that attempt to connect is…
  • Thank Bruce. I think I understand. It is an order of operations of the firewall. Proxies stop to inspect the packet, so it can review the block exceptions list before processing the Auto-block sites that attempt to connect. Packet filters don't inspect like a proxy and can only block and not perform a lookup. We have a few…
  • I had the same issue upgrading from an M370 to an M390, along with a few other surprises. I'm working out a gateway wireless controller issue so didn't open a ticket yet for this. However, seeing this thread gave me an idea that worked. The Automatic policy generated "WatchGuard IPSec", made when you tick the box in the…
  • Thanks James. I like knowing how things works since this is security. Magical changes irk me to no end. I also figured out how to upgrade the firmware. First, disable automatically provisioning new access points from the firewall. Next, restore the access point to factory defaults using the pinhole method. Download the…
  • I'm shocked to no longer see the option for those devices. The 12.4.1 firmware and system manager is from 6/2019 yet EOL for the AP300 is 12/2019. Was their a logic bomb that disabled them from appearing on 1/2020 or worse yet did WatchGuard access my boxes and change something without permission? As for the firmware, I…