Related Topics
WatchGuard AP Discovery and Pairing
For the Gateway Wireless Controller (GWC) on your Firebox to control a WatchGuard AP, the AP and the Firebox must be paired. For pairing to occur, you must first enable the Gateway Wireless Controller on the Firebox. When the Gateway Wireless Controller is enabled, the Firebox sends a discovery broadcast message to all networks. For more information on how to configure discovery broadcasts, see Configure Gateway Wireless Controller Settings.
After you connect a new AP to your network, the AP receives the broadcast message and sends a response. When the Firebox receives a response from an unpaired AP, the discovered AP appears in the Unpaired Access Points list in the Gateway Wireless Controller.
If the AP is located behind a router or other network device and cannot receive broadcasts from the Gateway Wireless Controller, you must manually add the AP. For more information, see Manually Add an AP.
An AP discovered by the Firebox is not automatically paired with the Firebox. You must pair the AP with the Firebox in the Gateway Wireless Controller. This step is required so that no one can add an unauthorized WatchGuard AP to your network. The AP only accepts configuration information from the Firebox it is paired with.
After the first time you pair a new AP with a Firebox, the Firebox attempts to automatically activate the AP on your account on the WatchGuard website. For more information, see About AP Activation.
About Automatic Deployment
If you want to deploy many APs with the same SSIDs and a simple configuration, you can use Automatic Deployment.
When you enable Automatic Deployment, the Gateway Wireless Controller can automatically configure a new unpaired AP. When you connect an unpaired AP to your network, GWC automatically configures it with specific SSIDs you specify. APs configured with automatic deployment are managed by the GWC the same way as paired devices.
An AP automatically deployed by the GWC is configured with the automatic deployment SSID settings, which include security, encryption, and other SSID specific settings. All other AP settings, such as radio settings, are set to default values.
For more information, see About AP Automatic Deployment.
About Discovery Broadcasts
By default, the Gateway Wireless Controller sends a UDP broadcast on ports 2528 and 2529 on all networks to automatically discover connected APs. You can limit the networks for AP discovery broadcasts. This is useful if you use the automatic deployment feature and want control over which networks allow APs to be automatically deployed. For more information on how to configure discovery broadcasts, see Configure Gateway Wireless Controller Settings.
Connect the AP
Before you can pair the AP with the Firebox, you must connect it to a trusted, optional, or custom Firebox network.
To allow the Gateway Wireless Controller to discover an AP on a custom zone network, you must modify the WatchGuard Gateway Wireless Controller policy to allow traffic from the custom zone. For more information on the custom zone, see Configure a Custom Interface.
If you connect the AP to a VLAN interface, make sure that you configure that interface to handle untagged VLAN traffic. An unpaired AP cannot accept tagged VLAN traffic.
By default, the AP is configured to use DHCP to get an IP address. Make sure that you enable the DHCP Server for the Firebox interface that connects to the AP, so that the AP can get an IP address.
Pair the AP to the Firebox
Use the Gateway Wireless Controller to discover the unpaired AP and pair it to the Firebox.
When an AP120, AP320, AP322, or AP420 device is started with factory default settings, it can take several minutes for it to be discovered by the Gateway Wireless Controller.
- Select Network > Gateway Wireless Controller.
The Gateway Wireless Controller page appears. - Select the Access Points tab.
The list of APs that responded to the discovery broadcast appear in the Unpaired Access Points list.
- To start a scan for new, unpaired APs, click Refresh.
When an unpaired Access Point is found, it appears in the Unpaired Access Points list. - From the Unpaired Access Points list, select an AP to pair with your Firebox.
- Click Pair.
- Click OK.
The Edit Access Point dialog box appears. - Configure the AP settings.
For more information, see Configure AP Settings.
- Select Network > Gateway Wireless Controller.
- Select the Access Points tab.
The list of APs that responded to the discovery broadcast appear in the Unpaired Access Points list.
- To start a scan for new, unpaired APs, click Refresh.
When an unpaired Access Point is found, it appears in the Unpaired Access Points list. - When the AP you want to pair appears, click Stop.
The scan for unpaired APs ends. - From the Unpaired Access Points list, select an AP to pair with your Firebox.
- Click Pair.
- Click OK.
The Edit Access Point dialog box appears. - Configure the AP settings.
For more information, see Configure AP Settings.
For information about how to monitor the status of your APs, see Monitor AP Status.
For information about how to unpair an AP, see Unpair an AP.
If your AP is correctly connected but cannot be discovered, it might be necessary to reset the AP to factory default settings. For more information, see Reset a WatchGuard AP .