Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1484
  • Last Modified:

Watchguard Firebox how to add a 2nd External interface

Hi Firebox Experts

A client has a Firebox X750e. I am a Firebox newbie!

Their ISP has assigned a second range of external IP addresses so that their router has 185.x.x.7/24 and 62.x.x.43/24.
Currently Eth0 [External] on the Firebox has ip 62.x.x.42 as the external interface with 62.x.x.43 as the gateway.
How do I configure the Firebox to ALSO USE 185.x.x.6 as an interface with 185.x.x.7 as a gateway? Detailed instructions would really help :-)
Many thanks
0
Winfix1
Asked:
Winfix1
  • 4
  • 2
1 Solution
 
dpk_walCommented:
You have option to use either multi-WAN would be licensed if not currently available; OR add 185.x.x.6 as secondary network on external interface.
The ISP would need to configure the router to forward all packet for 185.x.x.x subnet to 185.x.x.6.

If you go with approach I [multi-WAN] then you get failover option; and can load-balance traffic on both links.
With approach II you only get additional IPs but not redundancy.

For steps using approach II on adding secondary network:
Policy Manager->Network->Configuration; select External and click Configure...; click Secondary; specify 185.x.x.6 IP with relevant mask.
You can now use this IP address in your policy. If you have multiple IPs in 185.x.x.x range, then add all IPs one by one.

For configuring multi-WAN, please read below:
http://watchguard.custhelp.com/app/answers/detail/a_id/1289

Please let know if you need more details.

Thank you.
0
 
Winfix1Author Commented:
Thanks dpk_wal.

I read some Firebox docs which said that the Secondary IP option was only for adding an IP in the same range as the primary IP? ie sio it has a Primary IP of 62.x.x.42 & secondary IP of 62.x.x.43

Please can you clarify.

Thanks
0
 
dpk_walCommented:
This is true if you are using an older version of WG software; and applies only to aliases on external interface; with newer software which x750e must be running [i think you would at least be on version 9.x] this should not be a problem.

Thank you.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
Winfix1Author Commented:
Thanks. The System manager says X750e running Fireware XTM v11.0. Should that be OK?

0
 
dpk_walCommented:
Yes that almost latest; I think 11.4 is...but not 100% sure.

Please implement and update.

Thank you.
0
 
dpk_walCommented:
A solution has been posted # 34957740; question should not be deleted IMO.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now