WatchGuard

7

Solutions

34

Contributors

Network threats can come from anywhere, at any time, and can take you down before you even know they’re there. Uniquely architected to be the industry’s smartest, fastest and most effective network security products, WatchGuard solutions put IT security pros back in charge of their networks with widely deployable, enterprise-grade security and threat visibility tools suitable for any organization, regardless of budget, size, or complexity. WatchGuard has deployed nearly a million of its integrated, multi-function threat management appliances worldwide, to businesses that range from SMEs to large distributed enterprises.

Share tech news, updates, or what's on your mind.

Sign up to Post

I've got a Watchguard 500 series at the main office and a 2 series at a home office.  I've needed to setup a VPN between the two devices to get an IP phone to function properly.  

With the current home office setup I have one interface set as 'external' and connect the cable modem directly here.  Then I have a 2nd interface as 'trusted' which connects to the users home router.  The phone and computer connect to the home router and the VPN works fine.

At the new home office location however the home equipment is a cable modem/router combo - so I have no dedicated WAN port - just 4 LAN ports.

Maybe I'm over thinking this but I'm stumped on how to configure this with the different home router/cable modem combo.

I've been using 'mixed' mode and am wondering if I need to be using 'drop in' mode - ?
0
Retailers - Is your network secure?
Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

I have a watchguard M400 (Fireware XTM 11.10) Firewall/Router with about 14 Branch Office VPN'c coming into it. We have a new software these BOVPN's need to access. There are two application servers running the software. I would like to load balance the connections to these servers. Can someone point me in the correct direction?
0
Recently we added a new TPG IPVPN Connection (MPLS Network with Hosted Firewall) to eth2 on our watchguard but cant get it to work properly (see attached picture)

For some reason i cannot ping any Sydney LAN IP Addresses (on 10.50.2.0/24 network) from QLD Office to Sydney Office.

What do i need to enable / configure on the wathguard so i can ping internal lan addresses from qld office ?

QLD Office LAN is on 10.4.26.0/24 network.
Sydney office LAN is on 10.50.2.0/24 network

From QLD office I can ping 210.10.228.14,210.10.228.13, 10.252.0.6, 10.252.0.5 OK, but if I try to ping the Watchguard LAN IP Address 10.50.2.90 or another device in the same Sydney network from QLD Office it times out. Any ideas ???

Sydney Office Watchguard Configuration is as follows:

I have 3 interfaces setup on my Watchguard x750e firewall with following parameters:

Eth0: IP: 210.10.228.14 (External) - This is connected to a ISP Managed Cisco 1900 Series Router. This is a routed subnet services TPG NBN Conneciton.
Gateway: 210.10.228.13
NetMask:255.255.255.252

Eth1: IP: 10.50.2.90 (Trusted)
Netmask: 255.255.255.0

Eth2: IP: 10.252.0.6 (External) - This is connected to a TPG NTU and is a IPVPN Connection. This also requires RIPv2 and has dynamic routing setup.
Gateway: 10.252.0.5
Netmask: 255.255.255.252
Dynamic Routing Configuration:
1. Enabled Dynamic Routing is enabled.
2. Enable RIP is enabled
Rip Configuration :
router rip
network 10.252.0.4/30
network …
0
Just a general question at this point...We have a network which is joined to another office using a branch office VPN with a Watchguard Firewall at one end and a Netgear VPN router at the other.  Do you know if it's possible to create a second permanent VPN connection from the Watchguard to a software PPTP VPN provided by Windows 2012 on a virtual hosted server?

Thanks
0
Hi,

I have a server running filezilla server and is configured with ftp over tls.

I know this server is fine because I can connect and upload files fine from a number of locations.   However I have an issue in one particular location behind a watchguard firewall.

The connection establishes successfully and sometimes it can upload a file or part of a file before it fails when configured to ftp over tls.
If I change to ftp it works fine.

I have read that this can sometimes be an mtu issue but don't know how or where to change this.   Please can anyone shed light on this.  

Attached is the filezilla server log and errors it sees.
0
Need some assistance with Watchguard XTM515 firewall configuration.  We are installing a new PBX and the vendor requires some port translation and I am having difficulty figuring out how to configure the firewall to accommodate the needs.

We need the following:

Port: 16000-16511 UDP to internal IP address 10.0.0.12,
Port 5060 UDP to internal IP address number 10.0.0.11,
Port 6050 UDP (SIP) needs port number conversion to port 5060UDP Port 2727 UDP (MGCP) to internal IP address number 10.0.0.11,
Port 9300 UDP (PTAP) to internal IP address number 10.0.0.11

The 1st, 2nd, and 3rd are straightforward.   The third line with the port translation is where I am having difficulty.

Any help would be appreciated.
0
I am trying to pass multicast traffic between 2 VLANs that are connected by a Watchguard firewall.  No matter what I do, I cannot see and multicast traffic on the "traffic monitor;" on the Watchguard.  I am using a Cisco 2960 with IGMP turned on.  I can stream to everyone in the same VLAN , just not to second VLAN (via watchguard).   Any ideas?
0
Trying to allow access to the game For Honor.

Watch guard is blocking the games I have checked traffic monitor.

2017-02-20 15:43:41 Deny 172.16.54.147 216.98.55.90 11085/udp 51031 11085 1-Trusted 0-External Denied 36 126 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148"
2017-02-20 15:44:05 Deny 172.16.54.147 216.98.55.90 11080/udp 53387 11080 1-Trusted 0-External Denied 32 126 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148"

I have allowed UDP ports 11080-11085 still blocks also put host address in exception list to no avail.

Any ideas?
0
I'm having an issue creating a WPAD file for IE11. It seems there is a lot on the web with lots of WPAD examples, but their all outdated as the IsInNet commands just don't work anymore.

I want the WPAD file to be able to go direct on certain URLS or domains and through the proxy for everything else. Now I've got something working but when users are on the VPN and try to access one of our websites it tries to resolve it via it's internal IP address as oppose to it's public address.

Also, for whatever reason all traffic seems to be going through the proxy, even though the firewall is configured not force all traffic through the tunnel.

Sorry if this is a bit complex, would appreciate any assistance, as I'm sure there must be someone out there that has created a WPAD file to properly work on IE11.  

Here is my WPAD example;

----------------------------------------------------------------
function FindProxyForURL(url, host)
{
if (
shExpMatch(host, "*.officeapps.live.com")||
shExpMatch(host, "*.officeapps.live.com")||
shExpMatch(host, "*broadcast.officeapps.live.com")||
dnsDomainIs(host, "sway.com")||
dnsDomainIs(host, "www.sway.com")||
dnsDomainIs(host, "eus-www.sway.com")||
dnsDomainIs(host, "eus-000.www.sway.com")||
dnsDomainIs(host, "eus-001.www.sway.com")||
dnsDomainIs(host, "eus-002.www.sway.com")||
dnsDomainIs(host, "office365.com")
)
return "DIRECT";
else { return "PROXY proxyaddress:8080; DIRECT";}
}

0

WatchGuard

7

Solutions

34

Contributors

Network threats can come from anywhere, at any time, and can take you down before you even know they’re there. Uniquely architected to be the industry’s smartest, fastest and most effective network security products, WatchGuard solutions put IT security pros back in charge of their networks with widely deployable, enterprise-grade security and threat visibility tools suitable for any organization, regardless of budget, size, or complexity. WatchGuard has deployed nearly a million of its integrated, multi-function threat management appliances worldwide, to businesses that range from SMEs to large distributed enterprises.

Vendor Experts

Top Experts In
WatchGuard
<
Overall
>