ClioSport.net


Watchguard Firebox Firewall - configuration issue



  Fiesta ST
Anyone configured these firewalls?

I've got a problem with custom packet policy that doesn't seem to apply.
 
  182FF with cup packs
Yeah, and I fecking hate them. They are a pile of shite. It's a firewall designed by someone who's never seen a firewall before but had the concept explained to them by someone who has seen a firewall, but English isn't their first language. :)

Anyway, what version and what are you trying to do?
 

welshname

ClioSport Club Member
Yeah, and I fecking hate them. They are a pile of shite. It's a firewall designed by someone who's never seen a firewall before but had the concept explained to them by someone who has seen a firewall, but English isn't their first language. :)

Anyway, what version and what are you trying to do?

perfect description.
 
  Fiesta ST
Yeah, I'm not a fan of them, to be honest!

It's just a simple port redirection from external to an internal PC (customer RDP to an internal machine). It's working on three machines but not on this one.

A working policy - user RDPs to 111.111.111.111:5020

services.32.icon: userico.gif
services.32.incoming.deny.hostile: 0
services.32.incoming.filter: allow
services.32.incoming.hosts.external:
services.32.incoming.hosts.internal:
services.32.incoming.log.enable: 0
services.32.incoming.nat: external-192.168.1.82:3389
services.32.name: LorenRemote
services.32.outgoing.filter: allow
services.32.outgoing.hosts.external:
services.32.outgoing.hosts.internal:
services.32.outgoing.log.enable: 0
services.32.port_number: 5020
services.32.protocol: tcp
services.32.service: custom
services.32.type: filter
services.32.userdefined: 1

New policy that doesn't work - user RDPs to 111.111.111.111:5060

services.41.icon: userico.gif
services.41.incoming.deny.hostile: 0
services.41.incoming.filter: allow
services.41.incoming.hosts.external:
services.41.incoming.hosts.internal:
services.41.incoming.log.enable: 0
services.41.incoming.nat: external-192.168.1.26:3389
services.41.name: PeteRemote2
services.41.outgoing.filter: allow
services.41.outgoing.hosts.external:
services.41.outgoing.hosts.internal:
services.41.outgoing.log.enable: 0
services.41.port_number: 5060
services.41.protocol: tcp
services.41.service: custom
services.41.type: filter
services.41.userdefined: 1

I get a deny in the firewall log.

I tried a firewall reboot. The PC is accepting RDP connections, as I can VPN in and connect to the IP 192.168.1.26


Firewall 10.2.11
Sep 8 2009
build 238688
Model X20e
Serial Number xxxxxxxxxxxxxxxxxxxxx
 
Yeah, and I fecking hate them. They are a pile of shite. It's a firewall designed by someone who's never seen a firewall before but had the concept explained to them by someone who has seen a firewall, but English isn't their first language. :)

Anyway, what version and what are you trying to do?


True story.

Have you tried altering the order of policies?

As if one higher contradicts your current policy this could knock it out.
 
  Fiesta ST
I take it you can't change the order with the web interface GUI?

Seems to be allowing it in now, but still can't establish a connection:

Dec 3 16:12:18 kernel allow in eth0 48 tcp 20 114 myip.myip.myip.myip 192.168.1.26 7485 3389 syn (PeteRemote2)
Dec 3 16:12:12 kernel allow in eth0 52 tcp 20 114 myip.myip.myip.myip 192.168.1.26 7485 3389 syn (PeteRemote2)
Dec 3 16:12:09 kernel allow in eth0 52 tcp 20 114 myip.myip.myip.myip 192.168.1.26 7485 3389 syn (PeteRemote2)
 
  Fiesta ST
I think Windows Firewall is now the issue, which I can sort. It was just that the WatchGuard was denying the connection for no reason! Strange.
 
  Fiesta ST
Windows Firewall was assigned by a GPO that allowed RDP through the local subnet only, not external.
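
The three allow/syn entries posted above share one source port (7485) and arrive 3 and 6 seconds apart, which is a client retransmitting a SYN that the firewall passed but nothing answered, consistent with the host firewall cause found at the end of the thread. The following is an added example, not part of the original thread, that flags such flows in a log; the field layout is inferred from the posted lines, the function name is hypothetical, and the LorenRemote line in the sample is constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# Field layout inferred from the log lines posted in the thread (an assumption,
# not a documented format): time, action, direction, interface, three numeric
# fields, source, destination, source port, destination port, flags, (policy).
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+[\d:]{8})\s+kernel\s+(?P<action>allow|deny)\s+"
    r"(?:in|out)\s+\S+\s+\d+\s+(?P<proto>\w+)\s+\d+\s+\d+\s+"
    r"(?P<src>\S+)\s+(?P<dst>\S+)\s+(?P<sport>\d+)\s+(?P<dport>\d+)\s+"
    r"(?P<flags>\w+)\s+\((?P<policy>[^)]+)\)$"
)

# First three lines are from the thread; the LorenRemote line is constructed.
SAMPLE = """\
Dec 3 16:12:18 kernel allow in eth0 48 tcp 20 114 myip.myip.myip.myip 192.168.1.26 7485 3389 syn (PeteRemote2)
Dec 3 16:12:12 kernel allow in eth0 52 tcp 20 114 myip.myip.myip.myip 192.168.1.26 7485 3389 syn (PeteRemote2)
Dec 3 16:12:09 kernel allow in eth0 52 tcp 20 114 myip.myip.myip.myip 192.168.1.26 7485 3389 syn (PeteRemote2)
Dec 3 16:12:30 kernel allow in eth0 52 tcp 20 114 myip.myip.myip.myip 192.168.1.82 7490 3389 syn (LorenRemote)
"""

def repeated_allowed_syns(log_text, min_repeats=2):
    """Return flows whose SYN was allowed several times from one source port."""
    flows = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m or m["action"] != "allow" or m["flags"] != "syn":
            continue
        key = (m["src"], m["sport"], m["dst"], m["dport"], m["policy"])
        # The log carries no year; 2000 is an arbitrary filler for parsing.
        flows[key].append(datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S"))
    findings = []
    for (src, sport, dst, dport, policy), seen in flows.items():
        if len(seen) < min_repeats:
            continue  # a single allowed SYN is what a normal connection logs
        seen.sort()
        gaps = [int((b - a).total_seconds()) for a, b in zip(seen, seen[1:])]
        findings.append({"policy": policy, "dst": dst, "dport": int(dport),
                         "syn_count": len(seen), "gaps_s": gaps})
    return findings

if __name__ == "__main__":
    for f in repeated_allowed_syns(SAMPLE):
        print(f"{f['policy']}: {f['syn_count']} SYNs allowed to {f['dst']}:{f['dport']}, "
              f"gaps {f['gaps_s']}s, handshake not completing; check the destination host")
```

A flow reported here means the firewall policy and NAT are doing their job, so the next place to look is the destination: its host firewall rules and the scope they allow, or its return route.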
 

