About the WatchGuard Authentication (WG-Auth) Policy

The WatchGuard Authentication (WG-Auth) policy is automatically added to your XTM device configuration when you add the first policy that has a user or group name in the From list on the Policy tab of the policy definition. The WG-Auth policy controls access to port 4100 on your XTM device. Your users send authentication requests to the device through this port. For example, to authenticate to an XTM device with an IP address of, your users type in the web browser address bar.

If you want to send an authentication request through a gateway device to a different device, you might have to add the WG-Auth policy manually. If authentication traffic is denied on the gateway device, you must use Policy Manager to add the WG-Auth policy. Modify this policy to allow traffic to the IP address of the destination device.

For more information on when to modify the WatchGuard Authentication policy, see Use Authentication to Restrict Incoming Traffic.

See Also

About User Authentication

Add Policies to Your Configuration

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base