Browse the Web UI or the tools in WatchGuard System Manager and click Help on any page or dialog box to learn more about the management, monitoring, and security features of your Firebox. Fail Over — Lights when there is a WAN failover from the primary external interface to the backup interface.
WAP - Wireless models only Lights when the device is activated as a wireless access point or as a wireless client. Network interface status indicators — The Firebox T15 has five network interfaces. There are two status indicators for each interface. Status — Shows when there is a management connection to the device. The Status indicator is lit for 30 seconds after you connect to the device with the Fireware Web UI or the command line interface.
It is also lit when the device is polled by WatchGuard System Manager. Mode — Shows the status of the external network connection. If the device can connect to the external network and send traffic, the indicator is green. The indicator flashes if the device cannot connect to the external network and send traffic.
Attn — Lights when you start the device with the Reset button pressed. Power — The power indicator is lit when the device is on. If you ever need to, you can restore your Firebox to its factory-default settings. For example, if you do not know the administrator account passphrase or you want to start over with a new configuration, you can reset your Firebox. Make sure you back up your Firebox configuration before you reset your Firebox in case you want to restore it in the future.
For information about how to reset your Firebox, see the Firebox T15 Hardware Guide , available at: www. Lorsque vous.
Rufen Sie die Website www. Melden Sie sich mit dem Benutzernamen admin und dem Kennwort readwrite an. Installieren Sie die Firebox in Ihrem Netzwerk. Mode — Zeigt den Status der externen Netzwerkverbindung an.
Before you cre- ate these rules, you must install your Firebox. To create a basic configuration, use your web browser to connect to the web pages on the Firebox X Edge. You can also type the URL directly into the address bar and press the Enter key.
HTTP mode is less secure, because any configuration changes you make are sent to the Firebox in unencrypted text. Using the navigation bar On the left side of the System Status page is the navigation bar you use to get to other Firebox X Edge configuration pages. A green triangle appears adjacent to the active network. It also shows any configured routes and has buttons you can use to change configurations and to see network statistics.
It has buttons to change configurations, add upgrades, and see the configuration file. Page 50 Optional: Make one or more security services for outgoing traffic from the trusted to the optional network.
Page 54 Set up the wireless interface. This chapter shows you how to do some basic management and maintenance tasks. Page Chapter 4 Configuration And Management Basics For example, if you do not know the administrator account passphrase or a power inter- ruption damages the Firebox X Edge firmware, you can reset the Firebox to the factory-default settings.
Using HTTP is less secure. When you use HTTP, all configuration changes are sent to the Edge from your computer in unencrypted text. Page 61 Select the Enable remote management check box. Page 63 Management System. Make sure the Use Centralized Management check box is cleared. WatchGuard System Manager v8. Type a status passphrase for your Firebox X Edge and then type it again to confirm in the correct fields. Page 65 VPN Manager or the connection will fail.
The default address is Click OK. The installer applies the firmware update to the Firebox X Edge. As part of the update process, the Firebox X Edge restarts one or two times—this is usual. Page Activating Upgrade Options You use the license key to get the feature key for the upgrade. The Upgrade page appears. Paste the feature key in the correct field. Click Submit. User Guide Activating Upgrade Options Go to the upgrade site on the WatchGuard web site www.
At a minimum, you must configure the external network and the trusted network to let traffic flow through the Edge. You do this when you use the Quick Setup Wizard after you install the Edge. A static IP address can be more expensive than a dynamic IP address because static IP addresses make it easier to set up servers.
The External Network Configuration page appears. From the Configuration Mode drop-down list, select Manual Configuration. Get this information from your ISP or corporate network administrator. If you completed the table on page 15, type the information from the table. Page 78 Domain field. Do not type the symbol. Some ISPs do not use the domain. In the Inactivity Time-out field, type the number of minutes before the Edge disconnects inactive connections.
We recommend a value of Page 79 Select this option if there is more than one installation of the same PPPoE client on the network.
This can prevent interference between the discovery packets of each client. This is not a supported Edge feature; WatchGuard includes this option to make the Edge compatible with ISPs which have this requirement. With this option on, the Edge makes a file that you can send to Technical Support.
Use this option only when Technical Support tells you because it decreases Edge performance. You can also change the IP address of the trusted network. The Trusted Network Configuration page appears. Page Configuring The Optional Network If you make any changes to the optional network configuration page, you must click Submit and then restart the Firebox before the new configuration starts. You can make many changes, and then restart just once when you are done.
The Optional Network Configuration page appears. The Routes page appears. Page 93 Type the destination IP address and the gateway in the related fields. The gateway is the local interface IP address of the router. Create a DynDNS. Page 96 The Firebox connects to the IP address it finds for members. Identify the computers to connect Type the IP addresses of computers to which the Edge can connect.
The WAN Failover page appears. Page If you do not have this information, speak with your ISP or corporate network administrator. Configure the WAN2 interface using that information. Page Dial-Up Dns Settings In the Inactivity time-out field, enter the number of seconds before time-out if no traffic goes through the modem.
In the Speaker volume field, set your modem speaker volume. Click Submit, or select a different tab to change more settings. To start the wiz- ard, select Wizards from the navigation bar and click Go adjacent to the task: Configure the wireless network interface of the Firebox X Edge.
To control access to the VPN, you can force Firebox users to authenticate. The Firebox X Edge can use only one key at a time. If you select a key other than the first key in the list, you must also set your wireless client to use the same key. Look for the physical address of the wireless adapter. Click Add. Repeat steps 3—4 for each computer that can connect to the Edge.
A guest is a wireless user that is not usually con- nected to the wireless network. A guest could be a business associ- ate visiting your organization and given temporary access to the Internet, or possibly to your trusted network. Page Setting Password Protection You can set the level of network access a guest user has on the Wireless Guest Services configuration page. The Firebox X Edge Wireless is configured to protect the wired and wireless computers that are attached to it from security risks.
The key is provided for me Connect again. The configuration of allowed services and firewall options set the level of security the Firebox applies to your network. Page Chapter 7 Configuring Firewall Settings This section also has examples of how to use the optional network.
Usually, the Internet is the external network. Page Configuring Common Services For Incoming Traffic Find the common service to allow into your trusted or optional network from the external network.
From the Filter drop-down list adjacent to the service name, select Allow or Deny. By default, the Firebox does not allow incoming traffic to your network. The service host is the computer on the trusted or optional network that receives the traffic. Repeat steps 1—5 to allow or deny more common services. If you set a common service to Allow, the Edge allows traffic that uses that service from any source on the external network.
The Filter Incoming Traffic page appears. Scroll to the bottom of the page. Below Custom Services, click Add Service. The Custom Service page appears. Page In the Service Name text box, type the name for your service. To use a range of ports, type a port number in the second text box.
To only limit which computers receive information, skip to step 5. The From box shows the IP addresses you added. Repeat steps 2—4 until all of the address information for this custom service is set. When the Outgoing common service is set to Deny, all outgoing traffic is blocked. When the Outgoing common service is set to No Rule, traffic that is not specially permitted is blocked.
In the text box adjacent to the Protocol drop-down list, type a port number or protocol number. Page Disabling Traffic Filters When you select the Disable traffic filters check box, the trusted network is not protected from the optional network.
All traffic can flow between optional and trusted network. You can examine the data to identify attacks and stop fur- ther attacks from that address range. Page Configuring Firewall Options Firebox settings. This option overrides all other Fire- box settings. Page MAC address you assign to the external inter- face is unique on your network. Then it restarts.
An event is one activity, such as when the Firebox denies a packet. A log file records and saves information about these events.
An event log message is an important part of a network security policy. Use these instructions to send your event logs to the Log Server. Adjacent to Address of Syslog host, type the IP address of the syslog host. To include the local time in the syslog messages, select the Include local time in syslog message check box. This setting is useful if you have more than one Edge sending syslog messages to the same syslog host.
High performance, total security tabletop appliances. Wi-Fi optional. Ideal for small, home, and branch office locations. Learn More. Total security built to withstand harsh conditions and extreme temperatures. IPrated appliance.
0コメント