hi guys

We have a load of Watchguard Access Points and they are connected to a Draytek 1100 PoE switch. This switch is then connected to our backbone switch which is a Cisco 3750.

We have set DHCP on the WiFi network that the access points are on in a way to be from 10.0.5.20 on wards and the management IP of this Draytek PoE being 10.0.5.6. Every single day, people complain about not being able to access the internet properly and then it fixes itself again. Then it happens again.

When they do complain, I end up not being able to access the management IP page of the Draytek on 10.0.5.6. This makes me believe that it is in fact this particular PoE causing the issues we are having.

Could that be the underlying problem?

Thanks for helping
Yash

We have a new 2nd building on property we own.  someone got verizon fios at the 2nd building (it was already in the 1st building).  They are about 1,200 feet apart with line of sight.

We need the 2nd building to be able to access the network in the first building (and minimize costs).   the 2nd building will have 1 -2  users and MAYBE some file transfers between the 2 buildings, but mostly email, web surfing

I'm trying to see the costs for connecting the 2nd building to our existing network / do we need fios at that 2nd building

Some options I thought of?

1) Setup a VPN - we have a watchguard at building 1 already and that has a VPN to another office in another state.  So add a Watchguard unit for $500? at building 2 and some config time / costs.  and still have the fios ongoing costs.  Anyone know the throughput of a vpn using Verizon fios at both ends?  it's lower than the speed you are paying for from verizon, right?

2) wireless? Maybe Unifi Nanobeam 5AC gen 2  

https://www.amazon.com/Ubiquiti-NanoBeam-High-Performance-airMAX-NBE-5AC-Gen2-US/dp/B0713XMHH9 

$113 each and we need 2 of them, plus time / moneh for hardware, mounting poles, etc. That  Would get 400Mbit which is fine (mostly email / web surfing etc at the far end).  But What if we want gigabit on wireless?  Is that doable at a reasonable cost? And can cancel the FIOS

3)  Fiber? I called Lanshack.com and they are saying the fiber cable would need to be outdoor rated (regardless of being …

Hi.  I am trying to map ports to an internal IP from any outside IP on a Watchguard firewall.  Version 11.9 Firewire XTM Web UI.  No matter what I do, these ports will not open.  Unfortunately, not as familiar with Watchguard as I should be.
Any idea why they will not go through from the attached file?
Watchguard-pdf.pdf

Hi All,

I am using XTM 26 series watch guard firewall in the company. We have some remote location offices are running independently and they all have CCTV camera is installed. Now when I am trying to access all remote offices camera (P2P Connection) using company network, it is not connecting at all. While, I am switch to mobile network, I can see all the cameras of all offices and vice-versa.

I understand that, firewall is blocking something. To check it, I did some real time monitoring and I have found the following log message

2018-10-04 14:54:07 Deny 192.168.1.28 255.255.255.255 32761/udp 50222 32761 1-Trusted Firebox Denied 80 64 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148"

I already have created SNAT rule from any-external to internal DVR IP address and allowed the ports 80,32761,9000

Can anyone tell me that, What i am missing here.

I am installing WatchGuard SSL Vpn software which is using Open VPN software and it has TAP network driver but I can't install it unattended. Does anybody know how to install OpenVPN un-attended including TAP-Windows adapter?

I have a user who is using the Watchguard VPN client software. They have been using it on Windows 10 Pro (v 1709) for 6 months without issue. The UAC prompt suddenly started appearing this morning when they try to run the software. No updates for Windows or the software have been installed. I have 60 other users that are using it without this problem also. I am at a loss as to why this would suddenly start needing elevated privileges to run. Does anyone know why this would happen or how to fix it? I am not going to disable user account control or give them admin rights.

Customer has a watchguard T10 firebox firewall for a pos system.  The POS server connects directly to the trusted network port. no other computers connect to that network.  

Customer wants to setup an access point for wifi.  The watchguard has a 3rd port.  I want to activate it as a second network and allow wireless devices to access the internet.  

The watchguard firewall does not have built in wifi.  We purchased an access point that we plan to connect to the 3rd port.

This is a restaurant, there are no office pc's or network printers.

Need suggestions on policy's, the device has contenfilter subscriptions.  I want to enforce them on the 3rd port too if possible.

I'm trying to connect a Watchguard T30 to an AP320 through a Cisco Catalyst 2960.

I'm able to set up trunking on the Cisco so that I can see the AP320 through the controller, however when I connect to the WLAN I get no DHCP address, and I can't get online even when I hard code the IP. Based on some logging information I've seen on the Watchguard, it almost looks as though the Cisco switch is sending packets to the wrong gateway address.

It looks like when a device was requesting an IP on the VLAN 192.168.5.1/24 subnet that request was sent to the lan 192.168.1.1 gateway.

I'm extremely new to Cisco so it's entirely possible I'm missing something obvious, but when the VLAN's are set up on the router and then trunking is configured for those VLAN's on the Cisco, is there a place where you need to specify what Gateway to use for each trunk?

I currently have a Watchguard Firebox in place and have recently purchased a Cisco Catalyst 2960 to server as our primary switch. Our Watchguard currently manages our WAP's (also Watchguard) which have a private and public wifi network which is segmented through the use of VLAN's.

I'm extremely new to Cisco and I'm trying to determine how I would go about configuring the ports on the switch to pass along all VLAN traffic which should allow the WAP's to continue functioning.

I am having an issue accessing a secure ftp web site from a network.  The network uses a watchguard xtm 25 appliance and then runs Server 2008 R2 as the network server.  The workstations are all Windows 7 Pro.

The URL is https://oebsftp.ontarioenergyboard.ca.  This should bring me to a log in page, but instead the following message

The message from IE 11 is as follows:

This page can’t be displayed


Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://oebsftp.ontarioenergyboard.ca  again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.

Fire fox give the following:
Secure Connection Failed

The connection to oebsftp.ontarioenergyboard.ca was interrupted while the page was loading.

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.
Often the Ontario energy board upload sites are designed for IE only.

I do not see anything in the Watchguard appliance but may be overlooking something.

The server uses SEP 14.0 for both anti-virus and Firewall

As a separate issue, email using Outlook 2013 cannot use ssl either

Hi, I have a really odd problem with a Watchguard XTM25-W Firewall.  It has the latest Fireware on it and I've reset it and run the setup wizard from scratch on it. I have a Draytek VDSL model plugged into Port0 and have set up PPPOE authentication on the watchguard and the watchguard connects to the internet.  I have successfully downloaded the Live Security feature key and it's valid for 2 more months.  

The problem I have is that if I plug a laptop directly into Port 1 on the Watchguard and set up a static IP the laptop can see the internet. However if I plug Port 1 into an established 48 port switch nobody on the switch can see the Watchguard, and in fact the Port1 light on the Watchguard doesn't even light up (it lights up if you plug the Laptop into it)

As far as I am aware when you reset a Watchguard and run the setup Wozard it sets up enough default settings to get you a basic internet connection but I'm wondering if there is now some additional configuration needed to allow the internet connection to be shared.

Bit of further background, the Watchguard is replacing an existing Draytek VDSL Router which was the original Default Gateway so I have set up the Watchguard with the same IP address as the Draytek Router (and of course unplugged the Draytek)

Would really appreciate some suggestions on this.

Many thanks