Regenerate the Firebox Verification Code

Applies To: Cloud-managed Fireboxes, Locally-managed Fireboxes

Overview

When you add a Firebox to WatchGuard Cloud, WatchGuard Cloud generates a verification code. The Firebox uses this code to register to your account. The verification code expires after 30 days if the device does not connect to WatchGuard Cloud.

  • For Fireboxes manufactured with Fireware v12.5.2 or lower, the verification code is visible in WatchGuard Cloud, and you must copy it. Depending on the Firebox model and the installed version of Fireware, you might have to paste this code in the Firebox configuration.
  • For Fireboxes manufactured with Fireware v12.5.3 or higher, the verification code is not visible in WatchGuard Cloud, and you do not have to paste it in the Firebox configuration.

If your Firebox has a TPM (Trusted Platform Module) chip, and runs Fireware v12.5.3 or higher, the Firebox uses TPM to register with WatchGuard Cloud. For more information, go to Which Fireboxes have a TPM chip for secure registration with WatchGuard Cloud.

For an active/passive locally-managed FireCluster, you must always paste the verification code into the Firebox configuration, regardless of Firebox model.

You must paste the verification code in the Firebox configuration for:

  • A Firebox that runs Fireware v12.5.2 or lower.
  • A Firebox that does not have a TPM chip.
  • An active/passive FireCluster (all Firebox models).

Even if the Firebox does not require that you paste the verification code, you must complete the steps in Connect the Firebox to update the verification code on the Firebox.

Your operator role determines what you can see and do in WatchGuard Cloud. Your role must have the Devices permission to view or configure this feature. For more information, go to Manage WatchGuard Cloud Operators and Roles.

View the Registration Status

The first time the Firebox connects to WatchGuard Cloud, the Firebox registers to your account. To view the Firebox registration status:

  1. Log in to WatchGuard Cloud.
  2. To view the settings for a device, from Account Manager, select a device.
  3. Select Configure > Devices.
  4. Select Device Settings.

If the Firebox has never connected to WatchGuard Cloud, the Device Settings page shows the number of days left to connect your device before the verification code expires. If the verification code is expired, you can regenerate the verification code.

Screen shot of the Device Status page for a Firebox that has never connected

If your Firebox is connected, the Connect Device section is not shown on the Device Status page.

In Account Manager and Device Manager, connected devices display a green circle to the left of the Firebox name.

Regenerate the Verification Code

You might have to regenerate the verification code if it has expired or to troubleshoot a registration failure. The steps to generate a new verification code depend on the version of Fireware the Firebox was manufactured with.

To regenerate the verification code:

  1. Log in to WatchGuard Cloud.
  2. Select Configure > Devices.
  3. Select the Firebox.
  4. Select Device Settings.
    The Connect Device section shows how to connect your device. If your device did not connect within 30 days, you must generate a new verification code.

    Screen shot of the Connect Device section for a Firebox that has an expired verification code

  5. To generate a new verification code, click Connect.
    After you generate a new code, the Device Status page shows the number of days until the code expires and instructions to connect your device.

    Screen shot of the connect Device section for a Firebox that has a non-expired verification code

After you generate a new code, Connect the Firebox.

You can regenerate a verification code for a Firebox that has the status Never Connected or for a Firebox that has the status Not Connected for longer than ten minutes.

To regenerate the verification code:

  1. Log in to WatchGuard Cloud.
  2. Select Configure > Devices.
  3. Select the Firebox.
  4. Select Device Settings.
    The Connect Device section shows how to connect your device. If your device did not connect within 30 days, you must generate a new verification code.

    Screen shot of the Connect Device section, with the Regenerate Code button

  5. Click Regenerate Code.
  6. In the confirmation dialog box, click Regenerate Code.
    A new verification code appears.

    Screen shot of the Copy Code button

  7. To copy the verification code, click Copy Code.
    The verification code is copied to the clipboard.
  8. Click Done.

After you generate a new code, Connect the Firebox.

Connect the Firebox

After you regenerate the verification code, you must use Policy Manager or Fireware Web UI to update the Firebox configuration so that the Firebox can connect to WatchGuard Cloud.

Even if the Firebox does not require that you paste the verification code, you must complete these steps to update the verification code on the Firebox.

If the Firebox uses an invalid verification code to register to WatchGuard Cloud, the WatchGuard Cloud status on the Firebox is Failed Registration. You can use Fireware Web UI or Policy Manager to update the verification code on the Firebox.

To update the WatchGuard Cloud configuration on the Firebox:

  1. Log in to Fireware Web UI.
    In the Front Panel, the WatchGuard Cloud Status shows Failed Registration.

    Screen shot of the Railed Registration status in Fireware Web UI Front Panel

  2. Select System > WatchGuard Cloud.
    The WatchGuard Cloud configuration page opens. If WatchGuard Cloud is enabled and the device could not register, the status is Failed Registration.

    Screen shot of the WatchGuard Cloud page in Fireware Web UI

    WatchGuard Cloud configuration for a Firebox that requires you to paste the verification code.

    Screenshot of the WatchGuard Cloud configuration for a Firebox that does not require you to paste the verification code

    WatchGuard Cloud configuration for a Firebox that does not require you to paste the verification code.

  3. To unlock the configuration, click the lock icon.
    The Save button appears.
  4. If the Firebox requires a verification code, in the Verification Code text box, paste the verification code you copied from WatchGuard Cloud.
  5. Click Save. You must click Save to update the configuration, even if you do not have to paste a verification code.
    The Firebox tries to register with WatchGuard Cloud.

The registration status changes to Pending Registration. After the Firebox successfully registers, the status changes to Registered.

To update the WatchGuard Cloud configuration on the Firebox:

  1. Connect to the Firebox with WatchGuard System Manager.
  2. Open the Firebox configuration in Policy Manager.
  3. Select File > Save > To Firebox.
  4. Type the administrator passphrase.
  5. In the File Name text box, accept the configuration file name and path or edit it.
  6. Click Save.
    If WatchGuard Cloud is enabled and the Firebox requires the verification code to register, the Register Firebox dialog box opens.

    Screen shot of the Register Firebox dialog box in Policy Manager

  7. If required for your Firebox, in the Verification Code text box, paste the verification code from WatchGuard Cloud.
  8. Click OK.

After you update the verification code, verify that the Firebox is connected to WatchGuard Cloud. For more information, go to:

Related Topics

Troubleshoot Firebox Connections to WatchGuard Cloud