Drop-in configuration | WatchGuard Technologies Firebox X instruction

Installation Topics

In a routed configuration, you install the Firebox with different logical networks and network addresses on each of its interfaces. The public servers behind the Firebox use private IP addresses. The Firebox uses network address translation (NAT) to route traffic from the external network to the public servers.

The requirements for a routed configuration are:

•All interfaces of the Firebox must be on different logical networks. The minimum configuration includes the external and trusted interfaces. You can also configure one or more optional interfaces.

•All computers behind the trusted and optional interfaces must have an IP address from that network. For example, a computer on a trusted interface in the previous figure could have an IP address of 10.10.10.200 but not 192.168.10.200, which is on the optional interface.

Drop-in configuration

With a drop-in configuration, the Firebox uses the same network for all of its interfaces. You must config- ure all of the interfaces. When you install the Firebox between the router and the LAN, it is not necessary to change the configuration of the local computers. The public servers behind the Firebox continue to use public IP addresses. The Firebox does not use network address translation to route traffic from the exter- nal to your public servers.

The properties of a drop-in configuration are:

10	WatchGuard System Manager

Image 16

WatchGuard Technologies Firebox X manual Drop-in configuration

Contents

WatchGuardSystem Manager User Guide Address Contents Setting Up Logging and Notification Copy the online help system to more computers LogViewer Settings Importing Certificates Microsoft Internet Explorer 5.5 Apache Software License, Version 2.0, January Getting Started About WatchGuard System ManagerWatchGuard Management Server Log Server Installing WatchGuard System Manager About Hardware and Appliance Software License Keys Network addresses 1Network IP Addresses Without the Firebox External interfaceTrusted interface Optional interfaces Software encryption levels BaseUses 40-bit encryption Strong Setting Up Your Management Server Putting the Firebox into operation on your network Master password Admin password After Your Installation Installation Topics WFS appliance software configuration modes Routed configuration Drop-in configuration Adding secondary networks to your configuration To add a secondary networks, do one of these proceduresUse the Quick Setup Wizard during installation Dynamic IP support on the external interface Entering IP addresses About slash notation Installing the Firebox cables Installation Topics Service and Support LiveSecurity Service SolutionsThreat responses, alerts, and expert advice Easy software updates LiveSecurity Service Broadcasts Basic FAQs LiveSecurity Service Self Help ToolsNew from WatchGuard Advanced FAQs Known IssuesInteractive Support Forum Online Training Using the WatchGuard Users Forum WatchGuard Users ForumWatchGuard Users Group Online Help Product Documentation Technical SupportCopy the online help system to more computers Software requirements Web Site Service Time We try to supply a solution in a maximum time of four hoursType of Service Hours Training and Certification Monitoring Your Network Starting WatchGuard System ManagerAbout the WatchGuard System Manager Window From the Windows Desktop Connecting to a Firebox Disconnecting from a FireboxDevice Log Connecting to a Server Type the password for the Management ServerDisconnecting from a Server Seeing Information about Devices Certificates Firebox StatusBranch Office VPN Tunnels Seeing Information on Log Servers Mobile user VPN tunnelsPptp user VPN tunnels No exclamation point Monitoring VPNs About the WatchGuard Toolbar Starting Security ApplicationsPolicy Manager Firebox Manager Quick Setup Wizard HostWatchLog Viewer Historical Reports Setting Up the Log Server Setting Up Logging and NotificationLog Server collects logs from each WatchGuard Firebox WatchGuard Log Server Configuration dialog box appears Configuration Guide for your version of appliance software Setting Global Logging and Notification Preferences Type the new log encryption key two times Click OK Click Save Changes or Close Click Save Changes Setting Global Logging and Notification Preferences Traffic Alarm Event Diagnostic Reviewing and Working with Log FilesTypes of Log Messages Traffic log messages Alarm log messages Diagnostic log messagesLog File Names and Locations Starting LogViewer Browse to find the log file and click Open LogViewer Settings Changing LogViewer settings with WFS appliance software Click to set the format of the logs to the default colors Using LogViewer Select Edit Find Paste the data into any text editor Click File Merge log files Click Browse to find the files to put together Click Merge Using LogViewer Using LogViewer Generating Reports of Network Activity Creating and Editing Reports Type the report name From Historical Reports, click AddSelect the filter Type the Firebox IP address or host name. Click Add Specifying a Report Time IntervalChange the report definition Specifying Report Sections To consolidate report sections Setting Report PropertiesType the number of items to put in the table Exporting Reports Using Report Filters Complete the Filter tabs When finished, click OK Running ReportsReport Sections and Consolidated Sections Change the filter properties Report Sections and Consolidated Sections Session Summary Proxied Traffic Consolidated sections Report Sections and Consolidated Sections Public Key Cryptography and Digital Certificates Managing Certificates Certificate AuthorityPKI in a WatchGuard VPN From the menu, select the correct Managing the Certificate AuthorityCertificate Authority CA Certificate Management Server CA Certificate Generate a New CertificateGWvpn gateway name Find and Manage Certificates Revoke ReinstatePuts back a certificate that was revoked before Destroy Managing the Firebox X Edge Firebox Soho Importing Certificates Netscape Communicator Netscape Troubleshooting ideas AdministrationManaging the Firebox X Edge or Soho Device System Status Removing Certificates System security and remote managementFirewall Logging Select File Soho Management Clean up on PC Removing Certificates Appendix a Copyright and Licensing WatchGuard Firebox Software End-User License Agreement WatchGuard System Manager Copyright and Trademarks Licenses OpenSSL License Original SSLeay License Apache Software License, Version 2.0, January Licenses Pcre License GNU Lesser General Public License Licenses Licenses Licenses GNU General Public License Licenses Licenses Licenses Sleepycat License Licenses Appendix B WatchGuard File Locations General File Locations Default File Locations Quick Setup Wizard HostWatch for Fireware Appliance Software Firebox System Manager for Fireware Appliance SoftwarePolicy Manager for Fireware Appliance Software WatchGuard System Manager Policy Manager for WFS Appliance Software Firebox System Manager for WFS Appliance Software HostWatch for WFS Appliance SoftwareFlash Disk Management for WFS Appliance Software LogViewer WebBlocker Server Management ServerLog Server User Interface Log Server for WFS Appliance Software Log Server for Fireware Appliance SoftwareHistorical Reports Log Merge Management Server Setup WizardManagement Server User Interface WatchGuard Certificate Authority Default File Locations Index Muvpn Wctp 100