Comments
-
**Some more information. ** Another review of yesterday's logs from the Firebox show that any-from-firebox logging was turned on at 2020-10-20 11:09:46 AEST and the Firebox was rebooted shortly after that time. However, the first log entry to port 123 was: 2020-10-20 12:32:10 Allowed 203.0.113.26 220.158.215.21 123 20,140…
-
That's just plain evil! Have you tried Application Control? Social networks > Twitter > Authority, Transfer, Media, Access > Drop
-
The switch is now using the Firebox NTP server.. There was 377 requests with 147 failures.. My guess is that it happened about two hours after I set it up initially. . Perhaps, I just need to be more patient?
-
Hmmm. Looks like time to drag out the old Wireshark software and see what is going on between the Firebox an the NTP Pool and between the Firebox and the switch.. Oh joy!
-
You may be right. I have turned on logging of traffic from the Firebox, then rebooted the firebox and checked the Dimension reports and there is no port 123 traffic from the firebox to external NTP servers.. There is lots of other traffic (ports 53, 80, 443, 10108 etc), but no port 123.. I need to get another Firebox and…
-
I wonder if there might be something in the quotas area of the Firebox that might work here?
-
Thank you James.. I will have a play with this in the morning..
-
Any timeline for the release to WebUI and the download site?
-
It should be on Dimension...
-
Is there a reason why the update is not available on WebUI?
-
I, on the other hand, love using WebUI, but I would not touch Edge with a 30 metre barge pole. Firefox is used most of the time with the occasional dabble into the Chrome pond without any problems.
-
Ah.. I see now.. Thanks.. I remember from looking a Dimension that there are a number of stateless IP addresses...
-
I am not sure what you mean here.. If it its not on the allow list it is automatically denied.. For example, you can't get to my business website (short of using a VPN) because the USA is not ticked to allow access...
-
Yep. The old one did too, but it generally marked them as "suspect" so it was a little easier to manage. I would send the messages marked "Spam" directly to the users' junk folder and kept the "suspect" in their inbox for them to manage. I don't think that there is a perfect solution to this problem and the further away…
-
One thing from popular American culture that is adopted down here is the phrase, "trust no one" from the X-files show.. I personally would not be running a public web server on my trusted network, and I would be thinking long and hard about connecting it to my AD server. As Bruce says, the vendor really needs to make a…
-
Been there - done that... What was also useful was tracking through the browser history - made somewhat easier by the use of roaming profiles..
-
Assuming that you are using a WatchGuard AP the Gateway Wireless Controller, have you checked that the "Enable client isolation" is not checked in the SSID Settings? This will prevent clients on the AP from reaching your NAS.
-
So it looks like the problems are limited to the M series boxes?
-
Yikes! I just checked the T40 and see that 12.6.2 (Build 628197) is now an "unreleased version". I don't have any problems with DCHP and nearly all of my devices have reserved IP addresses. The only difference, I suspect, is that I use WebUI for all my routine maintenance on the box (on all the boxes for that matter)..
-
I really like this idea, but it is a double-edged sword. Imagine how fast your entire network would go down with a single typo. Having managed a very large network of UNIX servers through remote shell-scripts, I have lived through the horror of the "one simple mistake". (Old UNIX admins will remember that sick feeling when…
-
I activated the debug mode of WordPress, but there was no log entry related to AuthPoint or any login for that matter. Interestingly, the session survived a reboot of the web server. I will lodge a case in a few days - a few things on my plate this week.
-
I use WebUI with no problems at all.. :smile:
-
The other shortcoming with Dimension Cloud is that you can't drill down to the detail in the Policy Map, which is essential for troubleshooting policy-related problems (e.g. unhandled Internal packet errors).
-
Same here on the T40-w v12.6.2 2020-08-23 16:50:00 loggerd Archived log file /var/log/traffic.log which reached max size msg_id="3D01-0003" I am pretty sure that it is okay..
-
Yep.. I get all that, but we still have three places to manage WiFi.. My enhancement is to move away from the current approach to provide a service that runs in the Cloud or through GWC (like we have WebUI and the really old WSM), but provides all the secure Wi-Fi services.. I realise that it would be difficult to move…
-
Thanks Bruce.. I will see if it happens again.. Very upsetting..
-
Yep. I have been doing more things with AuthPoint. When it first came out I struggled with getting anything to work, but these days it seems to work very well and the WatchGuard integration guides are very useful. I already have one customer on board with AuthPoint and the others are starting to get interested in the…
-
Hello Ralph, Not a peep from either Firebox. It must have been a dud GAV update and the Dimension thing was just a coincidence. Thank you, Adrian
-
Sorry James, I was not expecting you to solve the problem. I just needed something more solid to give to the support people. I suspect that Dimension is somehow tied into this problem - as bizarre as that seems. There have been no more corrupted host entries since the Dimension database fixed itself and both boxes use the…
-
Hmm.. Cough cough.. Further research has revealed that the errors are also on another Firebox. I did not find it the first time because of how I was searching Dimension. The problem can now be narrowed down to the HTTP proxy and only started at 8:33am yesterday (I went back 45 days in Dimension to confirm this one), when…