Operational Defect Database
BugZero found this defect 1850 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3SmSAI
Firebox applies NAT with external interface IP address to outbound HTTPS proxy traffic
Last update date:
4/26/2019
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
12.x
12.4.x
Fixed releases:
All
Description:
Issue
When the Firebox allows outbound connections through an HTTPS proxy policy, the Firebox always applies NAT to traffic with the external interface IP address. The Firebox ignores both the global and any per-policy Dynamic NAT configuration.
Workaround/Solution
If you must specify the source IP address for outbound HTTPS traffic, or allow outbound HTTPS traffic without Dynamic NAT, you must configure a packet filter policy for HTTPS for that traffic.
