Jump to content

Issue updating product - watchguard firewall


Go to solution Solved by wout,

Recommended Posts

Hey,

i have a question. I have in my setup a watchguard firewall. For now this is behind my router from the ISP.  So my external interface on the firewall is a internal IP i receive from this router. 

If I connect directly to the ISP router the update works fine. But if I connect using the watchguard the update just keeps on hanging....  Meaning, that it just never finishes. I checked the firewall settings and even put all the (outgoing) ports open, but nothing helps. Any ideas? Or is it because I am behind a router (so basically doing double routing)? 

Kr

W

Link to comment
Share on other sites

  • Administrators

Watchguard is known to cause update issues. Please find an excerpt from a ticket where the issue was tackled below:

HEAD request is sent, but no response is received within 60s. Do they use some firewall or http/web filtering solution in their network?

  • communication with update servers from the product doesn't work (http request is sent and acknowledged by the server (see ACK in the log), but no http response is received within 60s, looks like it's blocked)

I noticed their client machine is connected to WatchGuard HTTP Proxy (Firebox). For the beginning, bypass this device to isolate the problem. If bypassing WatchGuard helped, then connect to it again and check WatchGuard settings, mostly related to HTTP Proxy / exceptions and examine log messages for denied traffic. Resources:
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/http/http_proxy_about_c.html
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/http/http_allow_windows_updates_c.html
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/fsm/log_msgs_traffic_mon_wsm.html

 

That said, we cannot help with any network issues caused by Watchguard. If you cannot get it work, consider using another firewall.

Link to comment
Share on other sites

  • Solution

If anybody encounters this issue you can add *.eset.com as an exception in the http and https proxy of the watchguard. 

This solves it. 

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...