Watchguard Firebox: Multiple external IP NAT help

Posted on 2011-05-13
Last Modified: 2012-05-11
Hey folks,

I'm setting new policies on a Watchguard Firebox that we have just setup at our new COLO. I am using the System Manager software to do this.

My question is why can't I see all of my available external IPs when setting up a NAT in the 'to' field of a new policy? I can only see a single external IP available, which is in front of the Firebox. I should be able to see our entire range? I'm needing to add these policies to prep for our migration of production servers to a COLO.

We are on a 66.196.x.x/28 block.

Thanks for your help.
Question by:mangamonster
    LVL 6

    Accepted Solution

    in the system manger go to network, configuration and then modify the external interface. click on the secondary networks tab and add the IPs you want. You can then use these for NAT.
    LVL 8

    Expert Comment

    Can you just type the IP in for each NAT? On my firewall I can't see the external IP's but I can configure them.

    Author Comment

    Looks like I was able to find it.

    1. Go to Network > Configuration
    2. Select your External interface you with to add IPs to (from the Interface tab), select the Configure button.
    3. From the Interface Settings window, click on the Secondary tab.
    4. Add all of the secondary IPs you wish to use for traffic routing on your polices.

    :) Weeee!

    Author Closing Comment

    I'll give it to ya since you beat me to it, hehe. Thanks!
    LVL 6

    Expert Comment

    thank you, have a good weekend :)

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
    Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now