Installing Watchguard XTM2 25 on My Network...Blocking Miner Traffic

[luckypyrate]

I have been P2Pool mining steadily for about a year now and decided to upgrade my security to a WatchGuard XTM2 25w.  I got everything set up fine and everything works great, except no matter what I SNAT,  Policy, etc, it still blocks my miners.  I have 5 Ant miner S1's and 2 S3's.  Any ideas?

Sorry if this is not the right spot to post, but it seemed most relevant to me.

[Ren13B]

If you are in the Policy Manager add a policy, select custom, new...  Give it a name and click Add...  Under Protocols select Any and click OK.  Click Add... button.  Open up the policy you just created and add your miners ip addresses in the From section or you can just add your entire network.  Add Any to the To section.  Make sure the security stuff is unselected like Application Control and IPS and then click OK.  Check the positioning of the rule and move it to the top if it's not there already.  Save the config and you should be good to go.  
  

[luckypyrate]

Thank you for your reply.  I set up the watchguard with a bridge on the other 3 ports to a trusted bridge group which I am thinking is contributing to the problem.  I have reset the watchguard and will try again tonight.

[Stoic Joker]

I've got 2 XTM25's with a CIDR block DMZ'd between them, and am running 2 S2's behind then in the LAN. Nothing special should be required to get them running, unless you're running some type of web filtering for users on the XTM25. In that case you policy order becomes critical, as the miners-bypass-filter allow rules would need to be at the top of the rule list (e.g. evaluated first) to ensure they could get their requests out to the web.

On some of the WatchGuard routers there is a policy analysis tool that will tell you what rule can/will block traffic to/from internal and external targets.

Also be sure that the DNS servers used by the miners aren't being filtered/restricted in case the pool isn't in the allowed sites list.