Add Managed Devices to the Management Server

You can use your WatchGuard Management Server to manage your Fireboxes. This includes devices that run Fireware OS and Fireware XTM OS, and devices that run an older version of Fireware OS. You can manage a device with a dynamic IP address if you used Policy Manager to configured it as a managed client. If your device has multiple external interfaces, do not change the interface configuration after you add the device to the Management Server.

From WatchGuard System Manager:

  1. To connect to the Management Server, click the Connect to Server icon .
    Or, select File > Connect to Server.
    Or, right-click anywhere in the window and select Connect to > Server.
    The Connect to Management Server dialog box appears.
  2. Type or select the IP address of the Management Server and type the configuration passphrase.
  3. Click Login.
    The Management Server page appears.

Screen shot of the WatchGuard System Manager Device Management tab

  1. Click the Add Policy icon to add a device.
    Or, on the Management Server page, in the Summary section, click Add Device.
    The Add Device Wizard starts.
  2. Click Next.
    The first configuration screen appears.

Screen shot of the Add Device Wizard dialog box

  1. Select an option:
    • I know the device's current IP address
    • I don't know the device's current dynamically allocated IP address
  2. Follow the instructions in the subsequent section for the option you selected.

If You Know the Current IP Address of the Device

  1. Type the Hostname/IP Address, Status Passphrase, and Configuration Passphrase for the device.
    If you select a device that is already managed by another server, a warning message appears. To overwrite the other configuration and add this device to this Management Server, click Yes.
  2. Click Next.
    The wizard performs device discovery.
  3. To use a name other than the default name, type a Client Name for the device.
  4. Select the Device Type from the drop-down list.
  5. Type and confirm the Shared Secret.
    The name and shared secret you type here must match the name and shared secret you give the device when you enable it as a managed client.
  6. Click Next.
  7. Type and confirm the Status Passphrase and the Configuration Passphrase. Click Next.
  8. Select the tunnel authentication method for the device. Click Next.
    The Configure the Device page appears.
  9. Click Next.
    The Add Device Wizard is complete page appears.
  10. Review the information for your device. Click Close.
    The Add Device Wizard closes and the device appears in WSM in the correct device category in the Summary list and in the Devices list.

If You Do Not Know the IP Address of the Device

After you complete the wizard, you can manually configure the device for management. When the device is configured for management, it contacts the Management Server.

For more information, see Configure a Firebox as a Managed Device and follow the procedure in the Set up the Managed Client section.

  1. Click Next.
    The wizard does not perform device discovery and the Enter a name for the device page appears.
  2. To use a name other than the default name, type a Client Name for the device.
  3. Select the Device Type from the drop-down list.
  4. Type and confirm the Shared Secret.
    The name and shared secret you type here must match the name and shared secret you give the device when you enable it as a managed client.
  5. Click Next.
  6. Type and confirm the Status Passphrase and the Configuration Passphrase. Click Next.
    The Select the tunnel authentication method page appears.
  7. Select the tunnel authentication method for the device. Click Next.
    The Configure the Device page appears.
  8. Click Next.
    The Add Device Wizard is complete page appears.
  9. Click Close.
    The Add Device Wizard closes and the device appears in WSM in the correct device category in the Summary list and in the Devices list.

If there is a lot of network traffic when the wizard tries to connect to the device, the SSL connection times out. Complete the wizard again when the network is less busy.

See Also

About Centralized Management Modes

Use Device Folders

Give Us Feedback     Get Support     All Product Documentation     Technical Search