WatchGuard FireboxV brings best-in-class network security to the world of virtualization. With real-time monitoring, multi-WAN support and scalable solutions to fit any-sized business, your virtual environments can be just as secure as your physical one.
WatchGuard FireboxV comes included as a template on OrionVM for quick and easy deployment. This section will guide you through the process of provisioning and deploying an FireboxV instance.
Creating Your FireboxV Instance
You create a WatchGuard FireboxV instance from a template, much like an Ubuntu or CentOS instance. From the Dashboard screen, click the Launch Instance button, which will redirect you to the Instances screen.
On the Instances screen the New Instance panel will display. Under the second column labeled Disks, under New Instance Boot Disk select WatchGuard FireboxV from the dropdown list. Feel free to rename the instance by clicking the pencil icon next to the name at the top.
The minimum specs for a WatchGuard FireboxV instance is as follows:
- 1 vCPU
- 4GB RAM
- 10 GB Boot Disk
- 1 Public IP Address
- 1 Private IP Address
Note that WatchGuard FireboxV requires the Public IP address to be connected to eth0 and the Private IP address to be connected to eth1. To do so, add both networks by clicking Add to network... and click and drag the network interfaces to rearrange.
Once you have defined your requirements, click Create and Start to create and start the instance.
Setting Static IPs for FireboxV
To access the FireboxV Dashboard we must first set a static IP address for the FireboxV external and internal (trusted) interfaces. To do so we will use the Out-of-Band Console.
On the Instances screen, on the right of the FireboxV instance click the gear and select Launch Console from the drop down menu.
Once the instance has finished booting the console will prompt you for a username and password. We will be using the
admin user with the default password
readwrite to connect.
We then issue the following commands into the FireboxV CLI:
config interface fastethernet 0 enable name External type external default-gw <default-gateway> ip address <external-address>/<mask> default-gw <default-gateway> exit interface fastethernet 1 enable name Trusted type trusted ip address <internal-address>/<mask> exit ip dns server <dns-address>
For example, to configure FireboxV with external IP address of
203.0.113.200/24, a gateway of
203.0.113.1, internal address
192.168.0.1, and DNS server
config interface fastethernet 0 enable name External type external default-gw 203.0.113.1 ip address 203.0.113.200/24 default-gw 203.0.113.1 exit interface fastethernet 1 enable name Trusted type trusted ip address 192.168.0.1/24 exit ip dns server 220.127.116.11
If you would like to copy and paste the above command and modify it in the Out-of-Band Console window itself click Paste Text at the bottom right and use the input box that appears.
Too see if you have input the commands correctly you can use the
show int command which will display the virtual network interface configuration.
Once you are sure your settings are correct enter the
exit command to exit configuration mode, then enter the
exit command again to log you out of the admin user.
Note: Please ensure that the DNS server you provide is valid as FireboxV relies on DNS to renew licensing.
Accessing the FireboxV Dashboard
After your FireboxV instance is set up and powered on and the external and trusted interfaces configured you can now access the FireboxV Dashboard.
To access the FireboxV Dashboard navigate to the public IP address using your web browser of choice. You will also need to append ":8080" to the end of the IP to access the portal on the correct port.
For example, for the external IP set above you would type "203.0.113.200:8080" into your browsers URL bar and press enter, following which you will be presented with the login screen for FireboxV.
You can now login by using the same admin credentials as above (User Name
Licenses for FireboxV can be requested from email@example.com. Please specify the following when requesting your license:
- Appliance size: Small, Medium, or Large
- Service type: Standard Support, Basic Security, Basic Security + APT, or Total Security
- The name of the Instance and/or the Organization the license is being applied in, for billing reference
To apply the license:
- Login to the FireWare Web UI
- Navigate to the Feature Key Wizard under System > Feature Key
- Select "Yes, I have a local copy of the feature key" and click
- Paste in the provided Feature Key and click
- Your feature key will now be applied
If DNS is configured directly on the FireboxV the license will stay up to date. To request cancellation of your FireboxV license please email firstname.lastname@example.org.