I’ve been having some real ‘fun’ with this today – with a /29 range you would expect to be able to configure an X550e with XTM 11.1 to listen for incoming SSL connections on only 1 IP address – especially as the configuration screen for the SSL asks which address to listen to… but no – it will listen on all, regardless. All I wanted to do was NAT 443 on the next available public IP to a server in the DMZ, but no – SSL grabs the connection first.

I even tried amending the auto-created SSL rule to replace the ‘firebox’ under To to only listen to the IP I wanted. But no – the damn thing listens on all. Call currently open with WatchGuard whilst I scan the change notes in the later versions…

Just a few quick notes on my experience with Vista – the main reason I was forced onto Vista was because a customer had some Vista remote laptops and we needed to provide a hardware VPN solution. As it was a small setup we normally just shove a WatchGuard in there as they are simple and do the job; however, WG were dragging their heels with a Vista-compatible VPN client.

Cisco, on the other hand, were already there. Although only in Beta at the time of testing, it worked straight away and connected up to the ASA. From there, after testing, I left it on my laptop instead of reverting back to XP. I still use mainly XP as my main partition, and use Vista as the secondary. The main reason is familiarity – when I’m out at a customer’s site troubleshooting a server or connectivity issue I don’t want to be learning a new OS at the same time! So I thought I’d leave it on there and use it at my own will… which didn’t happen much. In the end I started delving more into *nix.