Configure Firebox System Settings
For a cloud-managed Firebox, system settings include:
- Firebox Name
- Time Zone
- NTP Servers
- Device Feedback
- TCP MTU Probing
- SNMP settings
For a cloud-managed FireCluster, system settings include:
- FireCluster Name
- Time Zone
- NTP Servers
- Device Feedback
- FireCluster Settings (Identification, Interface, and Communication Settings)
- TCP MTU Probing
- SNMP settings
On the Device Configuration page for a cloud-managed Firebox or FireCluster, the Settings tile shows a summary of configured system settings.
When you add a Firebox to WatchGuard Cloud as a cloud-managed device, you configure the Firebox name and time zone. Three NTP servers are automatically added.
Firebox devices also return detailed device feedback by default. For information on how to configure device feedback settings, see Configure Device Feedback Settings (WatchGuard Cloud).
To view and update FireCluster settings for a cloud-managed FireCluster, see Edit the FireCluster Settings.
To see and update the device settings for a Firebox:
- In WatchGuard Cloud, select Configure > Devices.
- Select the cloud-managed Firebox.
- Click Device Configuration.
- Click the Settings tile.
The Settings page opens.
- In the Name text box, edit the Firebox name.
- From the Time Zone drop-down list, select the time zone at the location where the Firebox is installed.
- On the NTP Servers tab, type the addresses of up to three NTP servers.
- (Optional) On the Networking tab, enable TCP MTU Probing.
When you enable this global option, the Firebox can automatically change the size of its data packets to make sure that PMTU discovery succeeds and to avoid reduced performance caused by fragmentation. For example, you might enable TCP MTU Probing in these cases:
- You have a slow PPPoE connection and require smaller packets to optimize performance.
- You want to make sure that clients on your network can access the Internet through a zero-route BOVPN tunnel on this Firebox even if the Path Maximum Transmission Unit (PMTU) discovery process cannot complete. For example, if a remote router drops a packet but does not send an ICMP Destination Unreachable or ICMP Fragmentation Needed response to the Firebox, an ICMP black hole occurs and the PMTU process cannot complete. If you enable TCP MTU probing, an ICMP black hole does not affect traffic through the zero-route BOVPN.
- If you enable TCP MTU Probing, select one of these options:
- Always Enabled
- Enable Only When ICMP Network Issues are Detected — Automatically enable TCP MTU Probing only when an ICMP error message is dropped and the PMTU discovery process cannot complete. After the problem resolves, TCP MTU Probing remains enabled.
- On the SNMP tab, configure your settings for SNMP polling and SNMP traps and notifications. For more information, go to Configure SNMP Settings for a Cloud-Managed Firebox.
- To save configuration updates to the cloud, click Save.
Add a Cloud-Managed Firebox to WatchGuard Cloud
Add a Cloud-Managed FireCluster
Configure Device Feedback Settings (WatchGuard Cloud)