WatchGuard

Network threats can come from anywhere, at any time, and can take you down before you even know they’re there. Uniquely architected to be the industry’s smartest, fastest and most effective network security products, WatchGuard solutions put IT security pros back in charge of their networks with widely deployable, enterprise-grade security and threat visibility tools suitable for any organization, regardless of budget, size, or complexity. WatchGuard has deployed nearly a million of its integrated, multi-function threat management appliances worldwide, to businesses that range from SMEs to large distributed enterprises.

Microsoft updates are getting too large and take too long to download. I work for a school and we have over 250 Windows computers that share 100MB internet, and they take a long time to update and update at bad times. I am trying to create a WSUS server, but keep getting connection errors. We have an XTM525 WatchGuard firewall and I was told there may be a way to prevent the updates at different times. Is this correct? Does anyone know how?

Thank you
0

Good Day,
We have a WatchGuard XTM-22 at one of our schools and it is not working - we have no internet access for any device on our network.
Here is the setup for this unit:

Port 0 - Main internet feed
Port 1 - to our internal network
Port 2 - Mgmt
Port 3 - Another internet feed DSL
Port 4 - unused
Port 5 - Another internet feed DSL

(We have very limited / poor internet speeds available in this remote community. The IT Consultant before we took over was able to configure the unit to use the internet feeds from Ports 0 and 5, which is all that could be used at the time. Port 3 feed is redundant and can be used as a backup for port 5 by switching cables.)

Right now, here is the status of the lights on the front of the WatchGuard unit, going from left to right:

Failover:  Flashing green
WAP:  Off

Ports 5,4,3:  Both Link and 100/1000 lights off
Ports 2,1,0:  Both Link and 100/1000 lights flashing green in unison

Status:  Solid Red
Attn:  Solid Orange
Mode:  Flashing Green
Power:  Solid Green

I have tried to connect my laptop via RJ45 cable directly to Port 2 to access the unit, but there is no activity on this link and I don't get a DHCP address.   Web browser access to both the external IP and internal IP addresses won't work either.

Any suggestions on what is causing this problem?  I have no experience with this particular unit and the network setup is quite convoluted - five VLANs.  I think there is a backup config file from about a year ago.
0
I have an Exchange 2013 server behind a WatchGuard M200 Firewall. Both have appropriate SSL certificates installed, and the WatchGuard is configured as an SMTP proxy.

Everything works brilliantly, except, email from two domains is not received. Everyone else works absolutely fine. I am unclear why.

On the Exchange end, the logs for working emails end like this:

250 2.1.5 Recipient OK
DATA
354 Start mail input; end with <CRLF>.<CRLF>
,Proxy destination(s) obtained from OnProxyInboundMessage event
"250 2.6.0 <CALsXffyfLq_=XyviTgL9AFYCZ0T2UBBFq8rH5ppQoBzSKUSO3Q@mail.gmail.com> [InternalId=85388244811933, Hostname=EXCHANGESERVER.DOMAIN.LOCAL] Queued mail for delivery"
QUIT
221 2.0.0 Service closing transmission channel
,Local

However, for two domains, the conversation ends like this:

250 2.1.5 Recipient OK
DATA
354 Start mail input; end with <CRLF>.<CRLF>
,Local

It looks as though the sender has been given permission to go ahead with sending their message, and then not done so. However, the message is attempted a few dozen times, about ten minutes apart, before the sender gives up.

On the WatchGuard end, there is one difference between how senders show in logs.

For the working senders, I see lines for both 'ProxyMatch, ProxyAllow:' and then 'ProxySMTPReq'; however, for broken senders, I see just ProxyMatch, which is not followed up with ProxySMTPReq.

One of the broken senders is coming from Office 365, however, so are dozens of other senders, so I don't think the issue is there.

Any advice?
0
Recently we added a new TPG IPVPN Connection (MPLS Network with Hosted Firewall) to eth2 on our WatchGuard but can't get it to work properly (see attached picture).

For some reason I cannot ping any Sydney LAN IP addresses (on the 10.50.2.0/24 network) from the QLD office to the Sydney office.

What do I need to enable / configure on the WatchGuard so I can ping internal LAN addresses from the QLD office?

QLD Office LAN is on 10.4.26.0/24 network.
Sydney office LAN is on 10.50.2.0/24 network

From the QLD office I can ping 210.10.228.14, 210.10.228.13, 10.252.0.6, 10.252.0.5 OK, but if I try to ping the WatchGuard LAN IP address 10.50.2.90 or another device in the same Sydney network from the QLD office it times out. Any ideas?

Sydney Office WatchGuard Configuration is as follows:

I have 3 interfaces set up on my WatchGuard x750e firewall with the following parameters:

Eth0: IP: 210.10.228.14 (External) - This is connected to an ISP Managed Cisco 1900 Series Router. This is a routed subnet services TPG NBN Connection.
Gateway: 210.10.228.13
NetMask:255.255.255.252

Eth1: IP: 10.50.2.90 (Trusted)
Netmask: 255.255.255.0

Eth2: IP: 10.252.0.6 (External) - This is connected to a TPG NTU and is an IPVPN Connection. This also requires RIPv2 and has dynamic routing set up.
Gateway: 10.252.0.5
Netmask: 255.255.255.252
Dynamic Routing Configuration:
1. Enable Dynamic Routing is enabled.
2. Enable RIP is enabled
Rip Configuration :
router rip
network 10.252.0.4/30
network …
0
Hi,

I have a server running FileZilla Server, and it is configured with FTP over TLS.

I know this server is fine because I can connect and upload files fine from a number of locations. However, I have an issue in one particular location behind a WatchGuard firewall.

The connection establishes successfully and sometimes it can upload a file or part of a file before it fails when configured to FTP over TLS.
If I change to FTP it works fine.

I have read that this can sometimes be an MTU issue but don't know how or where to change this. Please can anyone shed light on this.

Attached is the FileZilla Server log and errors it sees.
0
Need some assistance with WatchGuard XTM515 firewall configuration. We are installing a new PBX and the vendor requires some port translation, and I am having difficulty figuring out how to configure the firewall to accommodate the needs.

We need the following:

Port: 16000-16511 UDP to internal IP address 10.0.0.12,
Port 5060 UDP to internal IP address number 10.0.0.11,
Port 6050 UDP (SIP) needs port number conversion to port 5060 UDP,
Port 2727 UDP (MGCP) to internal IP address number 10.0.0.11,
Port 9300 UDP (PTAP) to internal IP address number 10.0.0.11

The 1st, 2nd, and 3rd are straightforward.   The third line with the port translation is where I am having difficulty.

Any help would be appreciated.
0
I am trying to pass multicast traffic between 2 VLANs that are connected by a WatchGuard firewall. No matter what I do, I cannot see any multicast traffic on the "Traffic Monitor" on the WatchGuard. I am using a Cisco 2960 with IGMP turned on. I can stream to everyone in the same VLAN, just not to the second VLAN (via the WatchGuard). Any ideas?
0
Trying to allow access to the game For Honor.

WatchGuard is blocking the games; I have checked Traffic Monitor.

2017-02-20 15:43:41 Deny 172.16.54.147 216.98.55.90 11085/udp 51031 11085 1-Trusted 0-External Denied 36 126 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148"
2017-02-20 15:44:05 Deny 172.16.54.147 216.98.55.90 11080/udp 53387 11080 1-Trusted 0-External Denied 32 126 (Unhandled Internal Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148"

I have allowed UDP ports 11080-11085, but it still blocks. I also put the host address in the exception list, to no avail.

Any ideas?
0
I'm having an issue creating a WPAD file for IE11. It seems there is a lot on the web with lots of WPAD examples, but they're all outdated as the IsInNet commands just don't work anymore.

I want the WPAD file to be able to go direct on certain URLs or domains and through the proxy for everything else. Now I've got something working, but when users are on the VPN and try to access one of our websites it tries to resolve it via its internal IP address as opposed to its public address.

Also, for whatever reason all traffic seems to be going through the proxy, even though the firewall is configured not to force all traffic through the tunnel.

Sorry if this is a bit complex, would appreciate any assistance, as I'm sure there must be someone out there that has created a WPAD file to properly work on IE11.  

Here is my WPAD example:

----------------------------------------------------------------
function FindProxyForURL(url, host)
{
    // Hosts in this list bypass the proxy and connect directly.
    if (
        shExpMatch(host, "*.officeapps.live.com") ||
        shExpMatch(host, "*broadcast.officeapps.live.com") ||
        dnsDomainIs(host, "sway.com") ||
        dnsDomainIs(host, "www.sway.com") ||
        dnsDomainIs(host, "eus-www.sway.com") ||
        dnsDomainIs(host, "eus-000.www.sway.com") ||
        dnsDomainIs(host, "eus-001.www.sway.com") ||
        dnsDomainIs(host, "eus-002.www.sway.com") ||
        dnsDomainIs(host, "office365.com")
    ) {
        return "DIRECT";
    } else {
        // Everything else: try the proxy first, then fall back to a direct connection.
        return "PROXY proxyaddress:8080; DIRECT";
    }
}

0
