Each month we publish numerous new articles and known issues to the WatchGuard Knowledge Base. Here is the new content published in December:

Articles

• Access Point cannot connect to WatchGuard Cloud or does not appear in your WatchGuard Cloud account
• AuthPoint User Activity report does not show data for inactive users
• Cannot upgrade or downgrade AP120, AP320, AP322 in Wi-Fi Cloud v11.0
• How can I check if WatchGuard products and services have an outage?

Known Issues

• Access point becomes inaccessible after you enable Captive Portal
• Cannot configure an M690 FireCluster that uses eth8/eth9 as cluster interfaces
• Kaseya VSA plug-in configuration might fail in some environments
• TDR reports fail to generate with error message "Failed - Error generating report content"
• Traffic Monitor fails to show traffic logs after 1 December 2021

Security Issue

• Log4j2 Remote Code Execution Vulnerability (CVE-2021-44228)

Late last week security researchers disclosed a critical, unauthenticated remote code execution (RCE) vulnerability in log4j2, a popular and widely used logging library for Java applications. CVE-2021-44228 scores the maximum 10.0 on the Common Vulnerability Scoring System (CVSS) due to a combination of how trivial the exploit is and the potential for significant damage. Since Friday, the WatchGuard Security operations team has been sharing details about the vulnerability along with any potential impact on WatchGuard products at the Secplicity blog. We've also updated a Knowledge Base article with details. 

IPS Signature Update
WatchGuard has released new IPS signatures to detect exploits of the vulnerability. Please make sure that all your WatchGuard appliances are configured to receive the latest IPS signature sets: 

• Fireware v12.6.2 and higher:  IPS v18.188
• Fireware v12.6.1 and lower: IPS v4.1232 

Are WatchGuard products impacted?  
The WatchGuard engineering team is doing a comprehensive review of all our products: 

• Firebox, WatchGuard System Manager, and Dimension - Not affected
• WatchGuard EPDR and Panda AD360 - Not affected

Some product components in WatchGuard Cloud were running a vulnerable version of log4j2, but use a version of JVM that is not vulnerable to the common and trivial LDAP attack vector. We have updated these components out of an abundance of caution.

• AuthPoint - Updated
• Threat Detection and Response - Updated
• Wi-Fi Cloud - Updated

We are continuing to investigate internally for any additional potential impact. Please continue to check Secplicity and the KB article for latest updates. 

Each month we publish numerous new articles and known issues to the WatchGuard Knowledge Base. Here is the new content published in November:

Articles

• About Wi-Fi in WatchGuard Cloud
• About Wi-Fi in WatchGuard Cloud access point licenses
• How do I find my partner account ID?
• How to add Datto access points to the Approved AP Vendors list in an Authorized WiFi Policy
• Logins to websites that use OAuth2/OpenID fail with "all proposed authentication schemes denied" error
• Manage additional users for a Wi-Fi Cloud account
• Maximum wireless clients supported for Wi-Fi in WatchGuard Cloud access points

Known Issues

• Access points might reboot due to excessive ARP requests on the network
• Access Point VPN fails to connect when the Firebox VPN settings use a domain name of 16 characters or greater
• Add device to Management Server fails with "unknown error status"
• AuthPoint does not update or delete synced Azure Active Directory user accounts
• macOS Monterey 12.x does not support the AuthPoint Logon App
• Mobile VPN with IKEv2 client profile installation issue on macOS Monterey 12.x
• Mobile VPN with SSL connections fail on computers with Webroot AntiVirus

New or Updated Video Tutorials

• VPN Connectivity for Access Points

Each month we publish numerous new articles and known issues to the WatchGuard Knowledge Base. Here is the new content published in October:

Articles

• Certificate warnings when you browse to websites that use Let's Encrypt certificates through HTTPS proxies with content inspection
• Firebox compatibility with Let's Encrypt web server certificates
• Installation of WatchGuard Endpoint Security on macOS Monterey devices requires user configuration
• macOS Monterey 12.x software compatibility
• Windows 11 software compatibility

Known Issues

• Cannot apply configuration template to fully managed T20, T40,or T80 (Error:unable to validate configuration)
• Cannot download or schedule Health category reports in Dimension
• CLI command does not disable hardware encryption on the Firebox T80 and Firebox M290
• Content inspection incorrectly validates certificates that use imported general use CA certificates
• Crashes occur when link aggregation interface is used for FireCluster management
• Firebox M390 memory usage increases over time with Mobile VPN users
• Installer scripts and alert templates from the Endpoint Security Plug-in are not configured in ConnectWise Automate
• Network security scan shows TLS 1.0/TLS 1.1 connections allowed to AuthPoint Gateway service ports
• Some proxy and service cache sizes are incorrectly sized for the Firebox M390, M590, and M690
• WatchGuard Cloud Detail reports download as a ZIP archive of CSV files with randomized data

Each month we publish numerous new articles and known issues to the WatchGuard Knowledge Base. Here is the new content published in August:

Articles

• Access Portal RDP Connection Recommendations
• AT&T USB800 modem connects and disconnects from Firebox

Known Issues

• Built-in mobile VPN client cannot connect if the RADIUS name exceeds 15 characters
• Cannot enter a custom LDAP Login Attribute in Fireware Web UI
• FSM Front Panel does not load for T80 FireCluster