Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

WatchGuard

Network threats can come from anywhere, at any time, and can take you down before you even know they’re there. Uniquely architected to be the industry’s smartest, fastest and most effective network security products, WatchGuard solutions put IT security pros back in charge of their networks with widely deployable, enterprise-grade security and threat visibility tools suitable for any organization, regardless of budget, size, or complexity. WatchGuard has deployed nearly a million of its integrated, multi-function threat management appliances worldwide, to businesses that range from SMEs to large distributed enterprises.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi,

Can anyone please tell me step by step how to stop a Watchguard XTM25 from blocking downloads of EXE files from a server hosted website (so need to add an exception as an IP address) .

Many thanks

Adam
0
Are You Ready for GDPR?
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

I know very little about watchguards (or really most complex firewalls).  I have 2 watchguards in location A and location B.  looking at the policies on the main office's watchguard, I have 16 rules.  wonder which are needed?  

This is an XTM21 (old unit, right?)

it takes a few seconds to go from screen to screen / get the list of firewall policies, etc. 'retrieving data' on screen for 9 seconds... there's 16 policies in the list.  Is that a long time for pages to load?

a) do you just replace watchguards after x years because they are old?
b) do you reboot them on a schedule? How often? every week? month? year?

This watchguard is set up for:Exchange on the SBS server on the LAN, General surfing from inside the office, VPN to the other location and phones being able to connect to the exchange server from outside.

How many rules should those take?

Looking at the policies, I think this is what are set up. I inherited this network so may be unneeded / defaults that came with the box?
FTP OUTboundSMTP (192.168.2.3 to Any external)
GeneralProxy (From HTTP-proxy to ANY  Trusted)
SMTPtoMailSrv (From ANY to 75.127.x.x->192.168.2.3)
HTTPtoMAILSrv (From ANY to 75.127.x.x->192.168.2.3)
POP3toMailsrv (From ANY to 75.127.x.x->192.168.2.3)
IMAPtoMailsrv (From ANY to 75.127.x.x->192.168.2.3)
HTTPStoMailsrv (From ANY to 75.127.x.x->192.168.2.3)
RDPtoMAILsrv (From ANY to 75.127.x.x->192.168.2.3)
Voicecom mail system (From ANY to 75.127.x.x->192.168.2.3)
Watchguard …
0
Hi
I have to enable TLS 1.0, 1.1 and 1.2 in Internet Explorer on my laptop before a VPN can connect? how can I change this settings so I don't have to enable these in IE?

Thanks
0
Hate to admit how little I know about UTMs .

Have a watchguard UTM (X10e), that I am trying to make changes in a firewall policy for people to access a new camera system that requires different ports than the old camera system.

FIgured I'd just edit the existing policy that someone else set up - the new system will get the same IP as the old system.... I just need to change the ports.  the old system used different ports than the new one.

I go into the web UI (192.168.1.1:8080), log in as admin go to firewall / firewall policies.  On that screen, I highlight the camera policy and choose the edit button.

The policy loads but I don't see how I delete existing ports / add ports on the properties page... There's a watchguard  program I could (need??) to use?  There's no add / remove buttons on the properties page, like on the policy page.

Am I missing something?  

By the way, I keep saying I need to learn UTMs.... any thoughts on Watchguard vs other brands?   Best way to learn about how to use / manage them?
0
I've got a Watchguard 500 series at the main office and a 2 series at a home office.  I've needed to setup a VPN between the two devices to get an IP phone to function properly.  

With the current home office setup I have one interface set as 'external' and connect the cable modem directly here.  Then I have a 2nd interface as 'trusted' which connects to the users home router.  The phone and computer connect to the home router and the VPN works fine.

At the new home office location however the home equipment is a cable modem/router combo - so I have no dedicated WAN port - just 4 LAN ports.

Maybe I'm over thinking this but I'm stumped on how to configure this with the different home router/cable modem combo.

I've been using 'mixed' mode and am wondering if I need to be using 'drop in' mode - ?
0
Set up Watachguard BOVPN and seems to connect yet not traffic is being passed.  See attached
BOVPN.JPG
0
I have a watchguard M400 (Fireware XTM 11.10) Firewall/Router with about 14 Branch Office VPN'c coming into it. We have a new software these BOVPN's need to access. There are two application servers running the software. I would like to load balance the connections to these servers. Can someone point me in the correct direction?
0
Been battling this for 2 days.

Sat morning at 6:30 am was receiving email from filter service Fusemail to server. At 7 am noticed emails being deferred and building up in a queue on Fusemail Portal. Nothing changed in these 15 minutes. Fusemail's portal says "error reading banner" on public IP of server and the remote. OWA mx record.

I have done the following to troubleshoot,

Rebooted several times.
Recreated default receive connectors,
Looked thru the IIS system, no issues.
Exchange 2010 IS sending emails as normal.
Double checked the MX records for Fusemail, They are accurate,
Entered the ip addresses of Fusemail servers in the Watchguard T30 FIrewall box to send mail to port 25 (they were NOT there before  but emails were coming in)
Can go to canyouseeme.org and enter the public IP and port 25, and it is OPEN,

All emails were coming in before any changes made. They simply stopped and they are of no real help, just saying "your server is not allowing connections".

If I cannot find the answer here, they are getting migrated to Office 365 asap.. They, like other businesses cannot be down on email for days..

Any ideas?
0
Just a general question at this point...We have a network which is joined to another office using a branch office VPN with a Watchguard Firewall at one end and a Netgear VPN router at the other.  Do you know if it's possible to create a second permanent VPN connection from the Watchguard to a software PPTP VPN provided by Windows 2012 on a virtual hosted server?

Thanks
0
Hello EE Members,

I need access to a watchguard xtm 330 but I don't have the passwords for the admin/user accounts and I was wondering if it is possible to reset a watchguard xtm 330 admin or a user password without doing a factory reset or loosing any of it's settings

Regards,
Paul
0
Looking for the Wi-Fi vendor that's right for you?
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Does anybody know how to connect to a laptop in a remote location that is connected to the network via an SSL VPN client.  The laptop connects to a Watchguard Firewall [System manager v 11.9.4] via an SSL VPN client v11.9.3.
0
Hi

I have a group of users who regularly travel with their laptops and i want to be able to have more control on what they are browsing when away from the network.

At the moment when they are in the office they go out through our Watchguard which acts as a transparent proxy and has Websense setup to filter what they can see.

In addition to this when they are connected via SSL VPN externally the traffic is forced down the tunnel and again they use the transparent proxy.

The problem i have though is if they dont connect to the VPN when say in a hotel they can browse what they want.

Is there a way that i can stop browsing access unless they are connected through the VPN.

I know that we could specifiy a proxy in the internet settings but because the Watchguard is a transparent proxy i dont believe this would work.

Any advice would be great.

thanks
0
On a Cisco ASA, if I need to allow the traffic to come in on an interface and leave on the same interface I need to use the following command:

same-security-level permit intra-interface

Now on a watchgaurd firewall, (I'm not very familiar with the watchguard), how do I do this exact same thing?  Any assistance would be greatful.  Thanks!
0
Hi I am receiving this bounce back email error.

The error that the other server returned was: 552 Requested mail action aborted: exceeded storage allocation

trying to send PDF attachments  larger then 7 MB . I attached the Watch Guard and Exchange SMTP settings, they are set to 20 MB.

The line length in Watch Guard is set to 9000 changed from 1000 and I still keep getting this bounce back error.

I tried sending from gmail and Outlook exchange and sending to different email addresses on the same server and I still get the same bounce back error.

Please Help, Thanks!
WGsmtp.png
EXCHsmtp.png
0

WatchGuard

Network threats can come from anywhere, at any time, and can take you down before you even know they’re there. Uniquely architected to be the industry’s smartest, fastest and most effective network security products, WatchGuard solutions put IT security pros back in charge of their networks with widely deployable, enterprise-grade security and threat visibility tools suitable for any organization, regardless of budget, size, or complexity. WatchGuard has deployed nearly a million of its integrated, multi-function threat management appliances worldwide, to businesses that range from SMEs to large distributed enterprises.

Vendor Experts