Operational Defect Database

BugZero found this defect 349 days ago.

WatchGuard Technologies | kA16S000000gDC2SAM

With multi-WAN enabled, websites that use TLS 1.3 might fail to load for Mobile VPN with SSL users

Last update date: 6/5/2023

Affected products: Firebox M200, Firebox M300, Firebox M270, Firebox M370, Firebox M470, Firebox M570, Firebox M670, Firebox M290, Firebox M390, Firebox M400, Firebox M500, Firebox M440

Affected releases: All, Fireware, 11.x, 11.1.x, 11.10.x, 11.10, 11.10.1, 11.10.2, 11.10.3, 11.10.4, 11.10.5, 11.10.6

Fixed releases: All

Description:

Issue

When Mobile VPN with SSL is set to force all client traffic through the tunnel, and the Firebox has multi-WAN enabled, websites that use TLS 1.3 might fail to load through HTTPS-proxy policies.

Workaround/Solution

Configure an SD-WAN action in the HTTPS-proxy to send outbound traffic through only the primary External interface. Alternatively, force the use of TLS 1.2 in the web browser.

Status

Open
