Setting Up A Drop-In Network - Watchguard Firebox FireboxTM System 4.6 User Manual

Watchguard firebox system user guide

Hide thumbs Also See for Firebox FireboxTM System 4.6:

Reference manual (78 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

page of 170

/ 170
Contents
Table of Contents
Bookmarks

Table of Contents

Setting up a drop-in network

The QuickSetup wizard also writes a basic configuration file called

to the hard disk of the Management Station. If you later want to expand

wizard.cfg

or change the basic Firebox configuration using Policy Manager, use

the base file to which you make changes.

You can run the QuickSetup wizard again at any time to a create new, basic

configuration file.

The QuickSetup wizard replaces the configuration file, writing over any prior

version. To make a backup copy of the configuration file on the flash disk, see

the Firebox System Area chapter in the Reference Guide .

To run the QuickSetup wizard:

Complete the Network Configuration Worksheet.

A copy is included with the Install Guide . It can also be found as a .pdf file in the WatchGuard

Documentation directory.

From the Windows Desktop, select Start => Programs => WatchGuard =>

QuickSetup Wizard.

You can also, from the Control Center, select LiveSecurity => QuickSetup Wizard

QuickSetup wizard prompts for information about your network and security policy preferences.

Documentation for running the QuickSetup wizard is contained in the

wizard's on-panel instructions, Install Guide , and Online Help.

When the wizard prompts you to enter monitoring (read-only) and

configuration (read-write) passphrases, use two completely different

passphrases.

Setting up a drop-in network

A drop-in network configuration is useful for situations where you can distribute

network address space across the Firebox interfaces. In a drop-in configuration, you

place the Firebox physically between the router and the LAN, without reconfiguring

any of the machines on the Trusted interface.

Characteristics of a drop-in configuration:

• A single network that is not subdivided into smaller networks; the network is

not subnetted.

• WatchGuard performs proxy ARP.

- The Firebox answers ARP requests for machines that cannot hear the

broadcasts.

- The Firebox can be placed in a network without changing default gateways

on the Trusted hosts. This is because the Firebox answers for the router, even

though the router cannot hear the Trusted host's ARP requests.

- To enable proxy ARP, you must assign the same IP address to all three

interfaces for the Firebox. This is the only supported address assignment in

drop-in configuration.

• All Trusted computers must have their ARP caches flushed.

LiveSecurity => QuickSetup Wizard. The

LiveSecurity => QuickSetup Wizard

wizard.cfg

Table of Contents

Related Products for Watchguard Firebox FireboxTM System 4.6

Watchguard 4RE

Watchguard Firebox 4500

Setting Up A Drop-In Network - Watchguard Firebox FireboxTM System 4.6 User Manual

Setting up a drop-in network

Related Manuals for Watchguard Firebox FireboxTM System 4.6

Related Products for Watchguard Firebox FireboxTM System 4.6

Table of Contents