
VPN Port

Status
Not open for further replies.

scottdg

MIS
Nov 26, 2002
1
US
Let me start by saying I am not very experienced with firewalls or WatchGuard. I was told by our IT director that we had a visitor to one of our meeting rooms that needed an Internet connection. Before he was able to provide the visitor with the firewall IP address for authentication he was able to get out through a VPN. I guess we have a hole somewhere and need to close the port. The same IT director and a couple other users use a VPN from home to connect to the server. I am wondering how I can keep visitors from getting out this way without altering how the other users connect from home? I would also like to make sure that others cannot get through this hole. Can someone help me by telling me also which other ports I should have closed? I think when it was set up it was just done with a very "vanilla" configuration. Thanks for the help.
 
The initial configuration when the FB is set up allows all outbound TCP and UDP traffic (you may notice a service labeled Outgoing in the Policy Manager). From a security standpoint, you should only allow out the traffic that needs out. It is more effort but also much more secure.

If this is not the case, v6 supports IPSec passthrough. This must also be configured though. Most likely it is the Outgoing service if you have the default config.

 