• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1498
  • Last Modified:

Watchguard Firebox how to add a 2nd External interface

Hi Firebox Experts

A client has a Firebox X750e. I am a Firebox newbie!

Their ISP has assigned a second range of external IP addresses so that their router has 185.x.x.7/24 and 62.x.x.43/24.
Currently Eth0 [External] on the Firebox has ip 62.x.x.42 as the external interface with 62.x.x.43 as the gateway.
How do I configure the Firebox to ALSO USE 185.x.x.6 as an interface with 185.x.x.7 as a gateway? Detailed instructions would really help :-)
Many thanks
0
Winfix1
Asked:
Winfix1
  • 4
  • 2
1 Solution
 
dpk_walCommented:
You have option to use either multi-WAN would be licensed if not currently available; OR add 185.x.x.6 as secondary network on external interface.
The ISP would need to configure the router to forward all packet for 185.x.x.x subnet to 185.x.x.6.

If you go with approach I [multi-WAN] then you get failover option; and can load-balance traffic on both links.
With approach II you only get additional IPs but not redundancy.

For steps using approach II on adding secondary network:
Policy Manager->Network->Configuration; select External and click Configure...; click Secondary; specify 185.x.x.6 IP with relevant mask.
You can now use this IP address in your policy. If you have multiple IPs in 185.x.x.x range, then add all IPs one by one.

For configuring multi-WAN, please read below:
http://watchguard.custhelp.com/app/answers/detail/a_id/1289

Please let know if you need more details.

Thank you.
0
 
Winfix1Author Commented:
Thanks dpk_wal.

I read some Firebox docs which said that the Secondary IP option was only for adding an IP in the same range as the primary IP? ie sio it has a Primary IP of 62.x.x.42 & secondary IP of 62.x.x.43

Please can you clarify.

Thanks
0
 
dpk_walCommented:
This is true if you are using an older version of WG software; and applies only to aliases on external interface; with newer software which x750e must be running [i think you would at least be on version 9.x] this should not be a problem.

Thank you.
0
NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

 
Winfix1Author Commented:
Thanks. The System manager says X750e running Fireware XTM v11.0. Should that be OK?

0
 
dpk_walCommented:
Yes that almost latest; I think 11.4 is...but not 100% sure.

Please implement and update.

Thank you.
0
 
dpk_walCommented:
A solution has been posted # 34957740; question should not be deleted IMO.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now