Contents

Related Topics

About WatchGuard Wi-Fi Cloud

WatchGuard Wi-Fi Cloud is a powerful cloud-based enterprise wireless management solution for AP device configuration, security, and monitoring.

You can use the WatchGuard Wi-Fi Cloud service to manage these AP device models:

  • AP120
  • AP320
  • AP322
  • AP420

Manage AP Devices with WatchGuard Wi-Fi Cloud

For information about how to use WatchGuard Wi-Fi Cloud to configure and manage AP120, AP320, AP322, and AP420 devices, see the resources available on the WatchGuard Wi-Fi Cloud documentation page on the WatchGuard website.

To manage AP devices on your network with WatchGuard Wi-Fi Cloud, make sure that your AP devices have Internet connectivity and are able to communicate on HTTP TCP ports 80 and 443, and UDP port 3851 to connect to these domains:

  • redirector.online.spectraguard.net
  • *.mojonetworks.com
  • *.cloudwifi.com
  • *.airtightnetworks.com

These policy and proxy settings can help you facilitate access to WatchGuard Wi-Fi Cloud:

WG-Cloud-Managed-Wi-Fi Packet Filter Policy

To manage your AP devices with WatchGuard Wi-Fi Cloud, the AP devices must have Internet connectivity and must be able to communicate on HTTP TCP ports 80 and 443, and UDP port 3851 to connect to WatchGuard Wi-Fi Cloud services. The predefined WG-Cloud-Managed-WiFi packet filter policy that is available on your Firebox (Fireware OS v11.11.4 or higher) includes the required ports for WatchGuard Wi-Fi Cloud domains.

HTTP Proxy Exceptions

Domain names for WatchGuard Wi-Fi Cloud services are included by default in the HTTP Proxy Exceptions list on the Firebox. This prevents communications issues with cloud services and the HTTP Proxy when you connect from behind a Firebox. For more information, see HTTP-Proxy: Exceptions.

HTTPS Domain Name Rules

Domain names for WatchGuard Wi-Fi Cloud are included in the HTTPS Proxy Domain Names list on the Firebox. This allows access to the domain and bypasses HTTPS content inspection to prevent communications issues with cloud services and the HTTPS Proxy when you are behind a Firebox. For more information, see HTTPS-Proxy: Domain Names.

Blocked Site Exceptions

Domain names for WatchGuard Wi-Fi Cloud services are included by default in the Blocked Site Exceptions list on the Firebox. This prevents communications issues with cloud services when you connect from behind a Firebox. For more information, see Create Blocked Sites Exceptions.

Manage AP Devices Locally with the Gateway Wireless Controller

If you do not use WatchGuard Wi-Fi Cloud, you can manage AP120, AP320, AP322, and AP420 devices locally with the Gateway Wireless Controller on your Firebox.

  • To use Gateway Wireless Controller to manage an AP120, AP320, or AP322, the Firebox must run Fireware OS v11.11.2 or higher.
  • To use Gateway Wireless Controller to manage an AP420, the Firebox must run Fireware OS v11.12.4 or higher.

Pair AP Devices with the Gateway Wireless Controller

In their factory default state, AP120, AP320, AP322, and AP420 devices first try to connect to WatchGuard Wi-Fi Cloud. If the AP device is not activated and provisioned for cloud management, the AP device continues to try to connect to cloud services for several minutes.

When the AP device appears in the Unpaired Access Points section on the Gateway Wireless Controller Access Points page, you can pair the device with the Gateway Wireless Controller.

For information about device discovery and pairing, see WatchGuard AP Device Discovery and Pairing.

After you successfully pair the AP device with the Gateway Wireless Controller, the AP device does not try to connect to WatchGuard Wi-Fi Cloud again, unless you complete a factory reset of the AP device.

Change a Cloud Managed AP Device to be Locally Managed by the Gateway Wireless Controller

For information about how to change a cloud managed AP device to a locally managed device, see How to change a cloud managed AP120 or AP320 device to a locally managed AP device in the WatchGuard Knowledge Base.

Features not Supported by Locally Managed AP120, AP320, AP322, and AP420 Devices

These features are not supported on AP120, AP320, AP322, and AP420 devices that are locally managed by the Gateway Wireless Controller:

  • LED controls
  • Fast Handover
  • Radio rate settings
  • Client limits
  • External syslog support
  • Ability to disable DFS or select outdoor channels
  • Local Web UI access

Give Us Feedback     Get Support     All Product Documentation     Technical Search