Applies To: Cloud-managed Fireboxes, Locally-managed Fireboxes
When you add a Firebox to WatchGuard Cloud, WatchGuard Cloud generates a verification code. The Firebox uses this code to register to your account. The verification code expires after 30 days if the device does not connect to WatchGuard Cloud.
- For Fireboxes manufactured with Fireware v12.5.2 or lower, the verification code is visible in WatchGuard Cloud, and you must copy it. Depending on the Firebox model and the installed version of Fireware, you might have to paste this code in the Firebox configuration.
- For Fireboxes manufactured with Fireware v12.5.3 or higher, the verification code is not visible in WatchGuard Cloud, and you do not have to paste it in the Firebox configuration.
If your Firebox has a TPM (Trusted Platform Module) chip, and runs Fireware v12.5.3 or higher, the Firebox uses TPM to register with WatchGuard Cloud.
For an active/passive locally-managed FireCluster, you must always paste the verification code into the Firebox configuration, regardless of Firebox model.
You must paste the verification code in the Firebox configuration for:
- A Firebox that runs Fireware v12.5.2 or lower.
- A Firebox that does not have a TPM chip.
- An active/passive FireCluster (all Firebox models).
See the Registration Status
The first time the Firebox connects to WatchGuard Cloud it registers. To see the Firebox registration status, go to the Device Status page:
- Log in to your WatchGuard Cloud Subscriber account.
- Select Configure > Devices.
- Select the Firebox.
- Select Device Settings.
If the Firebox has never connected to WatchGuard Cloud, the Device Settings page shows the number of days left to connect your device before the verification code expires. If the verification code is expired, you can regenerate it, as described in the next section.
If your Firebox is connected, the Connect Device section is not shown on the Device Status page.
In Account Manager and Device Manager, connected devices display a green circle to the left of the Firebox name.
Regenerate the Verification Code
You might have to regenerate the verification code if it has expired or to troubleshoot a registration failure. The steps to generate a new verification code depend on the version of Fireware the Firebox was manufactured with.
To regenerate the verification code:
- Select Configure > Devices.
- Select the Firebox.
- Select Device Status.
The Connect Device section shows how to connect your device. If your device did not connect within 30 days, you must generate a new verification code.
- To generate a new verification code, click Connect.
After you generate a new code, the Device Status page shows the number of days until the code expires, and instructions to connect your device.
After you generate a new code, Connect the Firebox.
You can regenerate a verification code for a Firebox that has the status Never Connected or for a Firebox that has the status Not Connected for longer than ten minutes.
To regenerate the verification code:
- Select Configure > Devices.
- Select the Firebox.
- Select Device Status.
The Connect Device section shows how to connect your device. If your device did not connect within 30 days, you must generate a new verification code.
- Click Regenerate Code.
- In the confirmation dialog box, click Regenerate Code.
A new verification code appears.
- To copy the verification code, click Copy Code.
The verification code is copied to the clipboard. - Click Done.
After you generate a new code, Connect the Firebox.
Connect the Firebox
After you regenerate the verification code, you must use Policy Manager or Fireware Web UI to update the Firebox configuration so that the Firebox can connect to WatchGuard Cloud.
Even if the Firebox does not require that you paste the verification code, you must complete these steps to update the verification code on the Firebox.
If the Firebox uses an invalid verification code to register to WatchGuard Cloud, the WatchGuard Cloud status on the Firebox is Failed Registration. You can use Fireware Web UI or Policy Manager to update the verification code on the Firebox.
To update the WatchGuard Cloud configuration on the Firebox:
- Log in to Fireware Web UI.
In the Front Panel, the WatchGuard Cloud Status shows Failed Registration.
- In the navigation menu, select System > WatchGuard Cloud.
The WatchGuard Cloud configuration page opens. If WatchGuard Cloud is enabled and the device could not register, the status is Failed Registration.
WatchGuard Cloud configuration for a Firebox that requires you to paste the verification code.
WatchGuard Cloud configuration for a Firebox that does not require you to paste the verification code.
- To unlock the configuration, click the lock icon.
The Save button appears. - If the Firebox requires a verification code, in the Verification Code text box, paste the verification code you copied from WatchGuard Cloud.
- Click Save. You must click Save to update the configuration, even if you do not have to paste a verification code.
The Firebox tries to register with WatchGuard Cloud. - To prevent further changes to the configuration, click the lock.
The registration status changes to Pending Registration. After the Firebox successfully registers, the status changes to Registered.
To update the WatchGuard Cloud configuration on the Firebox:
- Connect to the Firebox with WatchGuard System Manager.
- Open the Firebox configuration in Policy Manager.
- Select File > Save > To Firebox.
- Type the Administrator Passphrase.
- In the File Name text box, accept the configuration file name and path, or edit it.
- Click Save.
If WatchGuard Cloud is enabled, and the Firebox requires the verification code to register, the Register Firebox dialog box opens.
- If required for your Firebox, in the Verification Code text box, paste the verification code from WatchGuard Cloud.
- Click OK.
After you update the verification code, verify that the Firebox is connected to WatchGuard Cloud. For more information, see: