Configure Firebox Network Settings

Applies To: Cloud-managed Fireboxes

Some of the features described in this topic are only available to participants in the WatchGuard Cloud Beta program. If a feature described in this topic is not available in your version of WatchGuard Cloud, it is a beta-only feature.

To configure network settings for a cloud-managed Firebox, go to the Networks configuration page for the device in WatchGuard Cloud.

To open the Networks configuration, from WatchGuard Cloud:

  1. Select Configure > Devices.
  2. Select the cloud-managed Firebox.
  3. Click Device Configuration.
  4. Click the Networks tile.
    The Networks configuration page opens.

Screen shot of the Networks configuration page for a wireless Firebox with three networks configured

From the Networks configuration page you can configure these settings: 

To view more details or edit the configuration, click a tile.

Networks

Network settings define how Firebox interfaces connect to internal and external networks. The Networks section has a tile for each configured network.

Screen shot of the Networks tiles on the Networks configuration page

  • Each network has one or more associated interfaces.
  • For a wireless Firebox, an internal or guest network can also include a wireless SSID.
  • For Fireboxes with a 4G LTE interface module or integrated 5G modem, a 4G LTE Modem or 5G Modem network tile appears.

The tile for each configured network shows this information:

  • IP Address — The network IP address or address configuration type
  • Status — The 4G LTE or 5G network connection status for Fireboxes with a 4G LTE interface module or integrated 5G modem
  • Zone — The network zone (External, Internal, or Guest)
  • Wireless SSID — The wireless SSID associated with the network, if wireless is enabled
  • Associated Interfaces — The interfaces associated with the network

For information about how to add and edit networks, go to:

Interfaces

Interfaces correspond to the physical interfaces on the Firebox. The Interfaces section of the Network page has a tile for each Firebox interface.

Additional interfaces appear for Fireboxes that support network interface expansion modules, even if the module is not currently installed. To avoid potential issues, do not configure these additional interfaces for a cloud-managed Firebox unless the Firebox has a module installed.

The interface icon color indicates whether the interface is associated with a network.

Blue interface icon Interface is associated with a network
Interface is not associated with a network

To view networks an interface is associated with, click View Networks from the interface icon. Each associated network is a standalone, bridged, or VLAN network.

A standalone network has only one associated interface or wireless SSID. If an interface is associated with a standalone network, the View Networks summary shows the associated network name, and the network type Standalone.

Screen shot of the View Networks information for a standalone interface

For an interface associated with a standalone network, you can click the interface tile to configure network interface settings.

For more information, go to Configure Firebox NIC Settings.

A bridged network has at least two associated interfaces or SSIDs. If an interface is associated with a bridged network, the View Networks summary shows the network name, and the network type Bridged.

Screen shot of the View Networks information for a bridged interface

You can associate an interface with one or more VLAN networks. For an interface associated with VLAN networks, the View Networks summary shows the list of VLANs and whether the VLAN traffic is untagged or is tagged with a VLAN ID.

Screen shot of the View Networks information for a VLAN interface

For information about how to configure VLANs, go to Configure Firebox VLANs.

WAN Settings

The WAN Settings section has tiles for Global WAN and SD-WAN settings.

Screen shot of the WAN Settings section of the Networks page, with Global WAN and SD-WAN settings configured

Global WAN settings control how the Firebox routes traffic to external networks. These settings are shown only when the configuration includes multiple external networks.

The Global WAN tile shows these settings:

  • Multi-WAN — The routing action (Failover or Round-Robin)
  • Networks — The selected external networks

To configure global WAN settings, click the Global WAN tile. For more information, go to Configure Global WAN Settings.

You can use Software-Defined WAN (SD-WAN) to distribute traffic between networks or to a specific network, based on firewall policies.

For each configured SD-WAN action, the SD-WAN tile shows:

  • SD-WAN — The routing action (Failover or Round-Robin)
  • Networks — The networks added to the SD-WAN action

To add an SD-WAN action, click the Add SD-WAN tile. For more information, go to Configure SD-WAN.

Wireless Settings

For a wireless Firebox model, the Networks configuration page also includes wireless radio settings.

Screen shot of the Wireless Settings section in a device configuration in WatchGuard Cloud

The Radio Settings tile shows these settings:

  • Frequency Band
  • Wireless Mode
  • Country of Operation

To configure these and other radio settings, click the Radio Settings tile. For more information, go to Configure Wireless Radio Settings.

To configure Firebox wireless networks, go to Configure Firebox Wireless.

Link Aggregation Group

A link aggregation group (LAG) is a group of interfaces that you configure to work together as a single logical interface. In WatchGuard Cloud, you can configure a LAG as an external, internal, or guest interface, or as a member of a VLAN or bridge interface.

For more information, go to About Link Aggregation in WatchGuard Cloud.

Related Topics

Firebox Default Networks

About Firebox Network Zones