[Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 812
  • Last Modified:

Unable to log back in to my Firebox x700 after a successful default policy restore.

I'm in the process of trying to utilize a x700 that hasn't been used for some time. It had a External and Default Gateway config that is no longer applicable to our network. I did not have the required passphrase to login so I setup a Management Station and installed WSM 8.2.1. Configured the Mgmt Station for and booted the Firebox into SysB mode. I created a basic policy and successfully flashed the Firebox with the new policy. The indications that it worked are that the External Address and Default Gateway changed on the LCD under SysA mode. The DHCP policy works correctly. However, after booting into SysA, I can no longer ping the Firebox or login to it via WSM. Any ideas?
  • 3
  • 2
1 Solution
Review your configuration and make sure you didn't leave out any policies.

You can use the console cable (blue color) and use the Watchguard software.  There is the Install Wizard to setup a new box.  It will program it through the console (serial) cable.

I haven't done that in a long time, but it may require you to enter the license key again.
Do you have the license key text or the license key file?  If you registered that box at Watchguard then you can access your key via their website.
Ensue that you indeed did add Watchguard policy otherwise you have locked yourself out of the box and would need to reset the unit to factory defaults and then load config again [can be new built from scratch or old which does have watchguard policy] to gain access.

You can open the policy you have loaded on the box from the management station disk disk into the policy manager window.

Thank you.
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

jso1965Author Commented:
When I try to run the Quick Setup, I get a window indicating that it is loading and then nothing - The window closes and Quick setup does not start. I am running the WSM on Windows 7. The documentation I have only refers to Windows XP. As a result, the basic policy is very basic. (1) service that open port 84 for the network cameras. At the very least I would think since I'm getting an IP on the Mgmt Station assigned from the Firebox and it is set for "Drop In" mode, I should be able to ping the Trusted Interface.

External -
Gateway -
DHCP assigns to 1.50 through 1.100.

Pretty straight forward.
I haven't done this for a while so I am going to through some things out, so my recollection could be off.

I think when you setup the Watchguard initially you specify a management station IP address.  I always managed the watchguard from the same machine.  But maybe you need to set the IP back to the original on your PC?  I don't know if changing the management station IP would cause a block to your access.

Your basic policy that you made only had 1 rule in it for the cameras?

Drop-in is the same as Transparent mode, right?  I never setup any watchguards that way so I can't comment on how they respond.  but I would guess you should be able to ping.

WSM 8.x is old.  Can you install it on an XP machine and try the quick setup again.

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now