WatchGuard firewall


#1

Hi there,

We have a WatchGuard firewall. Before we used UCS we had the firewall configured with what they call single sign-on, which allows the WatchGuard to convert IPs to the DN names of users, so we can see what each user does online.
This needs a WatchGuard app installed on the domain controller; this app reads the event log to do that conversion.

Any suggestions on how to have this with UCS?

As far as I know, UCS/Linux doesn’t have an event log viewer… so I don’t see how that can be done, but I’ll leave the question; maybe someone has the same issue.

Thanks


#2

Hi,

I guess this “app” is a Windows tool and we don’t know yet what it does and which requirements it has. We can therefore not say for sure if it is worth trying to install it on a Windows server or client.

Typical Firewall appliances have the ability to specify a Syslog-host. Any Linux system may act as a destination for this. It may be required to open firewall ports, usually 514 TCP/UDP on the syslog server.
There is a lot of information available online for this topic. Just search for “linux remote syslog server”.

Best Regards,
Dirk Ahrnke


#3

Yes, it is a Windows app.

I already asked WatchGuard and they say their single sign-on doesn’t work with Linux :confused:

It is really a pain in the a##; I’m planning on moving all my domain to a single UCS domain and now I’m stuck with this.


#4

Can you provide a link/description which explains in more detail what this combination of firewall and application does and how it works?


#5

Here you can find the Windows app that should be installed on the domain server:
http://www.watchguard.com/help/docs/fireware/11/en-US/Content/en-US/authentication/sso_about_c.html

They have an “alternative solution” to that, but I don’t consider it; the users should authenticate before using the internet… that is just “wrong” to our users…

http://www.watchguard.com/help/docs/fireware/11/en-US/Content/en-US/authentication/global_auth_settings_c.html

For mobile users, visitors etc. that don’t have an AD user but use our internet for some reason… it doesn’t work that way for us…


#6

You might have a chance to install the SSO Agent on a Windows computer which is a member of your UCS/Samba 4 domain.
The Event Log Monitor appears to read Windows Event Logs only.


#7

That was my reading, but it doesn’t work.

It is true that the app will read the event viewer, but it must be the event viewer of the domain controller; it is there that the information about logged-on users/IPs is kept. A Windows member computer doesn’t have the logins from all users.


#8

It appears that this is one of the use cases which will not work with UCS.