Comments
-
Hi, that be your solution; https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/WG-Cloud/Devices/device_add_locally_managed.html
-
Hi, ok. Is the route to the vpn pool on customer site configurated for the site-to-site tunnel? Is the the remote subnet included in the mobile vpn configuration?
-
Hi, I would recommend you to build the setup differently. Put the virtual mobile vpn pool in your customer's site-to-site ipsec tunnel. --> Just one site-to-site tunnel and all necessary routes included on your and customer site (mobile vpn pool) Is the site-to-site tunnel policy based or routed based? Is the IPsec Mobile…
-
Do you have an http proxy for the ikev2 traffic? Then this is your solution: https://watchguard.force.com/customers/wgknowledgebase?type=Article&SFDCID=kA10H000000g2vHSAQ&lang=en_US
-
Now works for me with and without a proxy rule. Maybe there were problems in the backend
-
As I can see, port forwarding doesn't work with the hue bridge. I also try it without my vpn connection. I have the same issue. I created an any out rule to bypass the proxy rule. I would say the problem is not the firebox. Maybe you reset the hue bridge and try it again.
-
I have applied the following currently see screenshot * This is not a snat rule. Follow this guide: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/nat/nat_static_config_about_c.html can you provide me with a link what you mean by vpn client? is this an ip within your own network range, for…
-
Do you have a snat action and a rule for that? I always try to avoid open ports to outside because of security reason. I also use the hue bridge behind a firebox and solve that with client vpn.
-
Hi James, please excuse the late reply. The solution is an https proxy rule with the destination * .live.com and in the proxy action a deny for * .live.com I'll post the solution in the case. Maybe the support can transfer this to the Knowledge Base