Watchguard Firewalls Can Kiss My Hiney

For the last two days, I’ve been racking my brain on a port routing issue on my old Watchguard firewall. Folks were complaining that they couldn’t make online bookings. I ping the server internally, and it appears to be responding on the port just fine. I go off-network to a few different sites to test it, and the SSL port isn’t routing on the firewall, despite the firewall logs saying it was. So I set up the port forwarding on the firewall again, and it still wasn’t going through. Since you have to pay a great deal of money to get upgrades to an older Watchguard firewall, or even to look at the support pages I need, I just took the firewall offline and things worked again. Since I’m not about to let the network sit open without a firewall, I had to get a new one up and running fast (as we do a good deal of business with online bookings).

I scrounged around for some parts. I managed to find an old Slot 1 Pentium II motherboard, and I had an old Celeron 333 sitting in a closet. I found a few sticks of RAM, grabbed a couple of old network cards, found an old 2-gig hard drive and CD-ROM drive in my desk drawer (I really need to clean out my desk), burned the SmoothieMods Fix 1-7 ISO, grabbed an old Dell case from the closet and built myself another Smoothwall box (which I’ve had good luck with before). After about 45 minutes of building and installing, the thing was up and running, and ports were routing perfectly. After a few more hours of tweaking, I’ve got a bunch of modifications, tweaks, and features installed that my Watchguard never had, performance is great, and management is easy (and actually works in Firefox, which I can’t say about the web interface for my Watchguard).

So Watchguard, you’ll never be in this office again, or any other office I deal with. If it can’t be done with a Smoothwall box and a bit of hacking, it can’t be done, so I’m not about to encourage anyone to pay for those things again.

Comments

james says:

You should try a *BSD with pf.

Patrick says:

*BSD with pf? Actually, I’ve heard the BSDs do a great job of packet filtering… but when you’re a *nix guy who hasn’t messed with *BSD, the last thing you want to do when it needs to be done “yesterday” is learn *another* way to do it.

Paul says:

I completely agree with Patrick.
