Troubleshoot a FireCluster in WatchGuard Cloud

Applies To: Cloud-managed Fireboxes

If you encounter issues, for example, a "Cannot perform action on incomplete Cluster" error when you try to add or configure a cloud-managed FireCluster in WatchGuard Cloud, make sure you review these requirements:

Both Fireboxes must be the same model number and be activated in your WatchGuard account
If the Fireboxes have module interfaces, make sure each Firebox has the same number and type of interface modules installed in the same slots
Both Fireboxes must have factory-default settings
Make sure both Fireboxes run the same firmware version, and that they both run the minimum version (Fireware v12.8.2 or higher, or v12.5.11 or higher for T35)
One cluster member must have a license for Total Security Suite or Basic Security Suite if you use security services. The other cluster member must have a minimum Standard Support license. You can use two cluster members with Standard Support licenses if you do not use security services.
Make sure the cluster interfaces on each Firebox are connected with an Ethernet cable. You can use a straight or crossover cable. We strongly recommend you use direct connections for the cluster interfaces between each cluster member. Network equipment between the cluster interfaces such as switches introduce additional points of failure and latency.
Make sure the external and internal interfaces of each cluster member are connected correctly to the corresponding external and internal networks.
When you verify a FireCluster connection from the Device Summary page in WatchGuard Cloud, only the cluster master connects to WatchGuard Cloud.
The status of the cluster master is Connected.
The status of the backup master is Never Connected (has not yet connected to WatchGuard Cloud for the first time), or Not Connected (is not currently connected to WatchGuard Cloud).

Troubleshoot a FireCluster in WatchGuard Cloud

Related Topics