Run the WSM Quick Setup Wizard
The Quick Setup Wizard runs as a Windows application to set up a Firebox with a basic configuration. The setup wizard helps you configure basic network and administrative settings and automatically configures security policies and licensed security services with recommended settings.
The default policies and services that the setup wizard configures depend on the version of Fireware installed on the Firebox.
- In Fireware v11.12 and higher, the Quick Setup Wizard creates proxy policies and automatically enables most licensed subscription services with recommended settings.
- In Fireware v11.11.x and lower, the Quick Setup Wizard creates packet filter policies and does not enable licensed subscription services.
For more information about policies and services the Quick Setup Wizard configures, see Setup Wizard Default Policies and Settings.
Before You Begin
Before you start the Quick Setup Wizard, make sure you:
- Activate your Firebox on the WatchGuard website.
- Store a copy of your feature key in a text file on your management computer.
- Download WSM and Fireware installation files from the WatchGuard website to your management computer.
- Install the WSM and Fireware software on your management computer.
- Configure the management computer with a static IP address on the same network as the trusted interface of your device. Or, configure the management computer to accept an IP address assigned with DHCP.
For a Firebox M5600, make sure that an interface module is installed in slot A when you start the Firebox with factory-default settings. For more information, see About Modular Interfaces.
Start the Quick Setup Wizard
- Use an Ethernet cable to connect your computer to the trusted interface (interface 1) of your Firebox.
For a Firebox M5600, connect to the built-in interface, interface 32.
- From the Windows Start Menu, select All Programs > WatchGuard System Manager 11.x > Quick Setup Wizard.
Or, from WatchGuard System Manager, select Tools > Quick Setup Wizard.
The Quick Setup Wizard starts.
- Complete the wizard to set up your Firebox with a basic configuration. The steps include:
Identify and discover your device
Follow the instructions for the Quick Setup Wizard to discover your Firebox. The wizard uses UDP multicast to find the connected Firebox. You might need to select your Firebox model or reconnect the Ethernet cable. After the wizard discovers the Firebox, you give it a name that identifies this device in WatchGuard System Manager, log files, and reports.
Select a setup procedure
Select whether you want to install the Fireware OS and create a new configuration, or if you want to only create a new configuration for your Firebox.
Configure the external interface
You can configure the external interface with a static IP address, or you can configure it to use an IP address assigned with DHCP or PPPoE. You must also add an IP address for the default gateway of the Firebox. This is the IP address of your gateway router.
Configure the internal interfaces
Select the IP addresses to use for the trusted and optional interfaces. If you want to configure the Firebox in drop-in mode, you can also use the external interface IP address for these interfaces.
For more information about drop-in mode, see Drop-In Mode.
Add a feature key
Follow the instructions to download the feature key from the WatchGuard website, or browse to the location of the feature key file you previously downloaded. If you do not provide a feature key, the setup wizard cannot enable licensed subscription services.
Device functionality is limited until you apply a feature key. Without a feature key, the Firebox allows only one user to access the Internet. If the Firebox does not have a feature key, the Quick Setup Wizard cannot configure licensed subscription services.
Subscription Services and WebBlocker settings
For a Firebox that uses Fireware v11.12 or higher, the setup wizard shows you a list of licensed services from the feature key. The wizard automatically enables the listed services with recommended settings. For WebBlocker, the wizard recommends content categories to block, and you can change these settings in the wizard.
Configure Log Server (Optional)
Configure the Firebox to send log messages to a WatchGuard Log Server.
Configure Management Server Settings (Optional)
Configure the Firebox to communicate with a WatchGuard Management Server.
Enable remote management (Optional)
Enable remote management if you want to manage this Firebox through the external interface.
Create Firebox passphrases
You must create two passphrases for connections to the Firebox: a status passphrase for read-only connections and a configuration passphrase for read-write connections. Both passphrases must be at least 8 characters long, and they must be different from each other.
- Click Finish to close the wizard.
The wizard saves the basic configuration to the Firebox and to a local configuration file.
After the Wizard Finishes
After you complete the wizard, the Firebox is set up with a basic configuration that allows outbound TCP, UDP, and ping, traffic, and blocks all unrequested traffic from the external network. It uses the interface IP addresses and administrative passphrases you specified. The default policies and service enabled by the wizard depend on the version of Fireware the Firebox uses. For details about the default policies and services, see Setup Wizard Default Policies and Settings.
If your Firebox uses Fireware v11.11.x or lower, the Web Setup Wizard does not enable subscription services, even if they are licensed in the feature key. To enable the security services and proxy policies with recommended settings, upgrade the Firebox to Fireware v11.12 or higher, reset it to factory-default settings, and then run the Web Setup Wizard again.
After you create the basic configuration you can edit the device configuration to further customize the settings.
- For information about how to complete the installation of your device after the Quick Setup Wizard is finished, see Complete Your Installation.
- For information about how to start WatchGuard System Manager, see Start WatchGuard System Manager.
- For information about how to connect to Fireware Web UI, see Connect to Fireware Web UI.