Watchguard Firebox how to add a 2nd External interface

Posted on 2011-02-22
Last Modified: 2012-05-11
Hi Firebox Experts

A client has a Firebox X750e. I am a Firebox newbie!

Their ISP has assigned a second range of external IP addresses so that their router has 185.x.x.7/24 and 62.x.x.43/24.
Currently Eth0 [External] on the Firebox has ip 62.x.x.42 as the external interface with 62.x.x.43 as the gateway.
How do I configure the Firebox to ALSO USE 185.x.x.6 as an interface with 185.x.x.7 as a gateway? Detailed instructions would really help :-)
Many thanks
Question by:Winfix1
  • 4
  • 2
LVL 32

Accepted Solution

dpk_wal earned 500 total points
ID: 34957740
You have option to use either multi-WAN would be licensed if not currently available; OR add 185.x.x.6 as secondary network on external interface.
The ISP would need to configure the router to forward all packet for 185.x.x.x subnet to 185.x.x.6.

If you go with approach I [multi-WAN] then you get failover option; and can load-balance traffic on both links.
With approach II you only get additional IPs but not redundancy.

For steps using approach II on adding secondary network:
Policy Manager->Network->Configuration; select External and click Configure...; click Secondary; specify 185.x.x.6 IP with relevant mask.
You can now use this IP address in your policy. If you have multiple IPs in 185.x.x.x range, then add all IPs one by one.

For configuring multi-WAN, please read below:

Please let know if you need more details.

Thank you.

Author Comment

ID: 34958925
Thanks dpk_wal.

I read some Firebox docs which said that the Secondary IP option was only for adding an IP in the same range as the primary IP? ie sio it has a Primary IP of 62.x.x.42 & secondary IP of 62.x.x.43

Please can you clarify.

LVL 32

Expert Comment

ID: 34959322
This is true if you are using an older version of WG software; and applies only to aliases on external interface; with newer software which x750e must be running [i think you would at least be on version 9.x] this should not be a problem.

Thank you.
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).


Author Comment

ID: 34959425
Thanks. The System manager says X750e running Fireware XTM v11.0. Should that be OK?

LVL 32

Expert Comment

ID: 34959707
Yes that almost latest; I think 11.4 is...but not 100% sure.

Please implement and update.

Thank you.
LVL 32

Expert Comment

ID: 35186209
A solution has been posted # 34957740; question should not be deleted IMO.

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now