WatchGuard FireboxV
WatchGuard FireboxV brings best-in-class network security to the world of virtualization. With real-time monitoring, multi-WAN support and scalable solutions to fit any-sized business, your virtual environments can be just as secure as your physical one.
WatchGuard FireboxV comes included as a template on OrionVM for quick and easy deployment. This section will guide you through the process of provisioning and deploying an FireboxV instance.
Creating Your FireboxV Instance
You create a WatchGuard FireboxV instance from a template, much like an Ubuntu or CentOS instance. From the Dashboard screen, click the Launch Instance button, which will redirect you to the Instances screen.
On the Instances screen the New Instance panel will display. Under the second column labeled Disks, under New Instance Boot Disk select WatchGuard FireboxV from the dropdown list. Feel free to rename the instance by clicking the pencil icon next to the name at the top.
The minimum specs for a WatchGuard FireboxV instance is as follows:
- 1 vCPU
- 4GB RAM
- 10 GB Boot Disk
- 1 Public IP Address
- 1 Private IP Address
WARNING: WatchGuard FireboxV requires the Public IP address to be connected to eth0 and the Private IP address to be connected to eth1. To do so, add both networks by clicking Add to network... and click and drag the network interfaces to rearrange.
Once you have defined your requirements, click Create and Start to create and start the instance.
Setting Static IPs for FireboxV
To access the Fireware Web UI we must first set a static IP address for the FireboxV external and internal (trusted) interfaces. To do so we will use the Out-of-Band Console.
On the Instances screen, on the right of the FireboxV instance click the gear and select Launch Console from the drop down menu.
Once the instance has finished booting the console will prompt you for a username and password. We will be using the admin user with the default password readwrite to connect.
We then issue the following commands into the FireboxV CLI:
config
interface fastethernet 0
enable
name External
type external default-gw <default-gateway>
ip address <external-address>/<mask> default-gw <default-gateway>
exit
interface fastethernet 1
enable
name Trusted
type trusted
ip address <internal-address>/<mask>
exit
For example, to configure FireboxV with external IP address of 10.0.0.10/24, a gateway of 10.0.0.1, and internal address 192.168.0.1, type:
config
interface fastethernet 0
enable
name External
type external default-gw 10.0.0.1
ip address 10.0.0.10/24 default-gw 10.0.0.1
exit
interface fastethernet 1
enable
name Trusted
type trusted
ip address 192.168.0.1/24
exit
If you would like to copy and paste the above command and modify it in the Out-of-Band Console window itself click Paste Text at the bottom right and use the input box that appears.
Too see if you have input the commands correctly you can use the show int command which will display the virtual network interface configuration.
Once you are sure your settings are correct you must exit the current admin session by entering the command exit until you are logged out of the user.
Accessing the Fireware Web UI
After your FireboxV instance is set up and powered on and the external and trusted interfaces configured you can now access the Fireware Web UI.
To access the Fireware Web UI navigate to the public IP address using your web browser of choice. You will also need to append ":8080" to the end of the IP to access the portal on the correct port.
For example, for the external IP set above you would type "10.0.0.10:8080" into your browsers URL bar and press enter, following which you will be presented with the login screen for FireboxV.
You can now login by using the same admin credentials as above (User Name admin, Password readwrite).
Setting DNS
FireboxV relies on DNS to communicate with the WatchGuard Licensing Server to ensure that a valid license is applied. This also ensures that all the features that apply to your license are active.
By default DNS is not configured. You can set your Network (Global) DNS servers as follows:
- Fireware Web UI — Select Network > Interfaces > DNS/WINS
- Policy Manager — Select Network > Configuration > WINS/DNS