Comments

  • Thanks guys for your help. I tried James's suggestion without success and verified DNS forwarding wasn't configured where Bruce said to look. I opened a ticket with support and it has been escalated to DNSWatch specialists. I plan to do more testing in the morning.
  • Thanks guys, using the ssllabs site and considering James's post helped a lot. I then found a very interesting blog post by Will Dormann, The Risks of SSL Inspection. He mentions that some inspection implementations can reduce or completely prevent clients from successfully validating the identity of the servers that they…
  • I have a firebox in one building and an ap327x directly connected to it in another building. There is no switch at the building with the ap and it may be moved to a pole at some point. On the ap, bridge mode for ssids doesn’t have an option to utilize the second ethernet port my ap has. I have not explored all the pros and…
  • Thanks guys, WG Support was excellent and we got the vlans working. We left the AP cloud managed and left the wireless gateway controller disabled on the firebox. We set up matching vlans on the ap and firebox and applied policies to the vlans as needed. I found that in order to utilize a wired extension on one of the ssid…
  • Thank you for your help. Could you please confirm that if I set up bridged ssids and vlan tagging using the gateway wireless controller on the firebox then I would have to change the AP to firebox managed from wifi cloud managed? I would lose several important security features I have with The Total WiFi package I purchased?
  • I was hoping the firebox could differentiate the vlan tags and apply an alias to them or something like that while keeping the ssids and wips, etc in the cloud. I will have to look into cloud policies for the vlans. The wifi cloud is new to me. The ssids on the ap are set to NAT as opposed to bridged or tunneled. thanks
  • Thanks. It looks like WIPs is vital. I guess I just assumed the Total Security included wips. I was about to purchase an ap327x for an ap but now I think I have to have a wips capable device. The ap327x can’t be both an access point and wips device at the same time, right? I’m thinking of going with an ap225w because it has…
  • I still need to find out if default packet handling on the firebox does in fact process udp over https? If it does, threshold settings on the firebox might come into play from what I see in the doc. 25% packets dropped between threshold and twice threshold. All packets dropped if more than twice the threshold. If udp over…
  • Thanks Bruce. I’d like to find out what thresholds Panda triggers at for udp flood alerts and if possible how many packets Panda is seeing. I need to determine if these alerts are false positives or not.
  • I think I put too many specifics into this thread. To narrow it down, I’d like to simply ask what people’s thoughts are with both Webblocker and Dnswatch on the same firebox? thanks
  • A problem I am having is sometimes dnswatch stops something and sometimes web blocker stops something. I see this on the corresponding watchguard block web pages. And some youtube videos give a generic block page with something like “contact your google workspace or network administrator”. I don’t know how or why it’s…
  • Great suggestions. I was going to run outdoor rated cat 6 wired tied to an existing coax in the air between two poles but I was worried about lightning. I think I’m going to put the cat 6 in the ground. I like the MoCA 2.0 idea though. It’s only a 300 foot run. I don’t know if it is less susceptible to lightning than the…
  • Thanks Bruce, I’d like to confirm if true that I don’t need a wired data connection to the ap327x and I could connect to my t20-w on 2.4 and offer 2.4 and 5 at the same time from the ap327x.
  • The t20-w has only one radio I understand. I have 2.4 GHz devices near it and need distance over speed so it is set up for 2.4. I also need 2.4 at the second building. If I put 2.4 directional pointed to the t20-w am I limited to use the second radio at 5 GHz for my devices or do I get both 2.4 and 5 for devices off the…