WatchGuard® Made Simple

This site is for common setup practices as well as tips and tricks for WatchGuard® Firewall products and contain editorial content.  While every effort is made to ensure all information is correct and concise, no warranty of any kind is expressed or implied, and all information is provided on an "as is" basis.

WatchGuard® is not affiliated with this site and all trademarks and graphics referenced are the property of WatchGuard Technologies Inc. or their respective owners.  All other content is the property of Fireboxsupport.com and may not be reproduced without permission.
 

                                       PLEASE REFRESH THE  PAGES IF YOU HAVE VISITED PREVIOUSLY! - NEW CONTENT ADDED!  01/02/2007

Common Practices

Fireware Pro

Configurations and examples

Firebox SSL VPN

Firebox Core SSL VPN

Firebox X Core/Edge

Setup -

Branch Office VPN (IPSec) - Firebox/Soho

Proxy Configuration

Webblocker Configuration

Remote User configuration using MUVPN & PPTP

Spamscreen®

High Availability

Troubleshooting -

Firebox X Resetting

Rebuilding your configuration

Backing Up/Restoring your Firebox Image.

 

WatchGuard Support Programs

Top

                                                 

MoneyCentral Stock Quote
Enter (WGRD) 

 

 

Rebuilding your configuration.

There are many circumstances where you should rebuild your configuration.  Security is not always convenient.   While the Firebox is one of the best for ease of configuration, the following things warrant a configuration rebuild.

1.  You have upgraded/converted your configuration over many software versions.

2.  You have loaded an old configuration to a newer model Firebox.

3.  You are the new administrator and want to do a security audit/cleanup.

4.  Your Firebox is not operating properly and have unexplained issues.

Note:  Special consideration is needed if you are using VPN Manager since it does not hold its information in the configuration file.  If you rebuild your configuration and you use VPN Manager, be sure to make a Flash Disk Backup because you will have to rebuild VPN Manager as well.  Consult support if you have questions about doing this before rebuilding a configuration

To make a flash disk backup of your Firebox do the following.

In System Manager, click the Wg Icon and navigate to Flash Disk Management as below.

Select "Make Backup of current image"

Follow the prompts to connect to the Firebox with the configuration phrase, give the backup a password (don't forget it!) and it will save a time/day stamped file to /program files/watchguard/backup when completed.

To restore a backup go to this same tool and select "Restore backup image" and select the file to restore, provide the password for the file, provide the Firebox configuration passphrase and it will restore the backup image.

 

To rebuild your configuration, make sure you are running the latest software.  It doesn't make sense to rebuild using an old version of software.

Connect to the Firebox and open policy manager twice and you will have two policy manager windows.  Close the System Manager.

Now size the windows so they are side by side.

On one of the policy managers open, select File>New and select what model Firebox you have and you will have a blank policy on one side.  On the blank policy select Save>As file and give this new configuration a name.

Now on the new configuration start with Network>Configuration and set the IP settings so they match the original configuration.

Do the same for all settings and services so the new configuration has all the settings of the original.  After this is done, save the new configuration to the Firebox and verify functionality.

Once this is done, the configuration is rebuilt and you can close all windows and manage as you would normally.  Be sure not to load an old configuration to the Firebox in the future by deleting old configurations that are not used. 

Warning:  Do NOT delete the file "untitled.cfg" in the WatchGuard folder.  This is a system file needed by policy manager to function.

 

 

Top      User Forum