About Recovery Mode for XTM 5 and 8 Series
You can start your XTM device in recovery mode if you want the Quick Setup Wizard to force a Fireware v11.x OS installation regardless of the version that is currently installed. For most device models, if you run the Quick Setup Wizard to configure a device that is in recovery mode, the Quick Setup Wizard finds the latest version of Fireware OS installed on the management computer, and installs it on the XTM device. The Quick Setup Wizard also removes all existing settings and feature keys.
When you start an XTM device in recovery mode, the device uses the version of Fireware OS that was originally installed when the device was manufactured. Some XTM device models are manufactured with a version of Fireware OS that cannot be upgraded directly to Fireware v11.8 or higher. These models are:
- XTM 5 Series (XTM 505, 510, 515, 520, 525, 530, and 535)
- XTM 8 Series (XTM 810, 820, 830, and 830F)
When the Quick Setup Wizard discovers one of these models in recovery mode, it looks for the latest version of Fireware OS v11.7.x or lower on the management computer, and installs that on the XTM device. Before you use the Quick Setup Wizard to reinstall Fireware OS, you must first install Fireware OS v11.7.4 or lower on the management computer. After device recovery is complete, you can use Policy Manager to upgrade the XTM device software to Fireware v11.8.x.
The Quick Setup Wizard can reinstall Fireware OS v11.7.4 or lower on an XTM 5 Series or 8 Series device. We recommend that you use Fireware OS v11.7.4, because this is the minimum version the device must use before you upgrade it to Fireware OS v11.8 or higher.
Step 1 — Install Fireware OS v11.7.4 on the Management Computer
If necessary, download and install Fireware OS v11.7.4 file for your XTM device model on the management computer. The Fireware OS installer installs the files that the Quick Setup Wizard uses to install the software on the XTM device.
To see which versions of Fireware OS for your device are installed on the management computer:
- In WatchGuard System Manager, select Help > About WatchGuard.
The About WatchGuard Software dialog box appears.
- In the Installed OS Versions list, look at the software versions installed for your XTM 5 Series or 8 Series device.
- For XTM 510, 520, 530, look for: XTM OS appliance software for XTM5 (Language), v11.7.4
- For XTM 810, 820, 830, look for: XTM OS appliance software for XTM8 (Language), v11.7.4
If Fireware OS v11.7.4 for your XTM device model is not installed, download the Fireware OS installer for your device from the WatchGuard Portal on the WatchGuard website at http://www.watchguard.com, and install it on the management computer.
If you have previously installed Fireware OS v11.8 or higher for your device on the management computer, you do not need to uninstall it.
Step 2 — Start the XTM Device in Recovery Mode
To start an XTM device with an LCD display in recovery mode:
- Power off the XTM device.
- Press and hold the up arrow on the device front panel while you turn the power on.
- Keep the button depressed until "Recovery Mode starting" appears on the LCD display.
When the XTM device is in recovery mode, it is ready to be discovered by the WSM Quick Setup Wizard.
Step 3 — Run the WSM Quick Setup Wizard
After you start the device in recovery mode, you can use the WSM Quick Setup Wizard to reinstall the software.
- Connect the management computer to XTM device interface 1.
- Make sure the management computer gets an IP address on the 10.0.1.0 network.
- In WatchGuard System Manager, select Tools > Quick Setup Wizard.
- Select Yes, my device is ready to be discovered.
- Click Next to start device discovery.
- Provide the information to create a basic device configuration, and add the feature key.
For a description of the configuration steps, see Run the WSM Quick Setup Wizard.
The final page of the Quick Setup Wizard shows the version of Fireware installed on the device.
After the XTM device restarts, it uses Fireware v11.7.4, with a basic configuration that includes five policies (TCP and UDP outgoing, FTP packet filter, ping, WatchGuard, and WatchGuard Web UI) and the interface IP addresses you specified. You can use Policy Manager to change this basic configuration or to save an existing configuration file to the device, as described in Step 5.
Step 4 — Upgrade Fireware OS
After the Quick Setup Wizard has reinstalled Fireware v11.7.4, you can use Policy Manager to upgrade the device to a later version. For more information, see Upgrade Fireware OS or WatchGuard System Manager.
Step 5 — Save a Configuration File to the Device
If you have previously saved a Fireware v11.8 or higher device configuration to a file, you can use Policy Manager to save that configuration to the device.
- Open the saved v11.8 or higher configuration file you want to use in Policy Manager.
- Make sure the configuration file has the correct feature key for this device.
- Save the configuration file to the XTM device.
Step 6 — Reinstall XTM Device Certificates
When you use the Quick Setup Wizard for a device in recovery mode, any certificates installed on the device are removed. If your XTM device had certificates installed, you must reinstall any certificates on the device after the downgrade. For more information, see Manage Device Certificates (WSM).