Contents

Auvik Integration Guide

Auvik is an RMM (Remote Monitoring and Management) tool used by MSPs (Management Service Providers) for asset management. RMM agents are installed on MSP customer endpoints to discover, monitor, and manage IT assets. Auvik can discover WatchGuard devices and use authentication credentials to access specific device information such as subscription status, renewal date, hardware model, and other device properties.

This document describes how to use Auvik to discover and monitor a WatchGuard Firebox.

Platform and Software

The hardware and software used to complete the steps in this document include:

  • Firebox or WatchGuard XTM device with Fireware v12.3 or higher
  • Auvik Cloud
  • Auvik Collector installed on Windows 10

This diagram outlines the topology used for this integration:

test topy

Set Up the Firebox

SNMP Settings

You must configure SNMP settings on the WatchGuard Firebox before you can use Auvik to discover the Firebox.

  1. Log in to Fireware Web UI (https://<your firebox IP address>:8080).
  2. Select System > SNMP.

SNMP Settings

  1. From the Version drop-down list, select v3.
  2. In the User Name text box, type WatchGuard.
  3. From the Authentication Protocol drop-down list, select SHA1.
  4. In the Password and Confirm text boxes, type the authentication password.
  5. From the Privacy Protocol drop-down list, select DES.
  6. In the Passwordand Confirm text boxes, type the encryption password.
  7. Click Save.
  8. Select Firewall > Firewall Policies.
  9. Click Add Policy.
  10. Select the Packet Filter check box.
  11. From the Packet Filter drop-down list, select SNMP.

Add SNMP Firewall Policy

  1. Click Add Policy.
  2. Edit the policy traffic from Any-Trustedto Firebox.
    If you connect to an optional interface, specify Any-Optional instead of Any-Trusted.

Add SNMP Firewall Policy

  1. Click Save.
    The SNMP policy should appear with these properties.

SNMP Firewall Policy display

SSH Settings

You must configure SSH settings on the WatchGuard Firebox before you can manage the Firebox with Auvik.

  1. Select Firewall > Firewall Policies.
  2. Click Add Policy.
  3. Select Custom .
  4. Next to the Custom radio button, click Add.

add ssh policy

  1. In the Name and Description text boxes, type name and description.
  2. From the Protocols section, click Add.

Add Policy Template

  1. From the Type drop-down list, select Single Port.
  2. From the Protocol drop-down list, select TCP.
  3. In the Server Port text box, type 4118.
  4. Click OK.

Protocol

  1. Click Save.

Add Policy Template of ssh

  1. Click Add Policy.

Add Policy of ssh

  1. Edit the policy traffic from Any Trusted to Firebox.
    If you connect to an optional interface, specify Any-Optional instead of Any-Trusted

add ssh policy

  1. Click Save. The SSH policy should appear with these properties:

 add ssh policy done

Set Up Auvik

Install Auvik Collector

  1. Log in to Auvik Cloud.
  2. Select Navigation > All Client.
  3. Click Add Client.
  4. From the Add Client page, from the Type drop down list, select Client.
  5. In the Company Name text box, type the Company Name.
  6. In the Desired URL text box, type the client desired URL.

Add client

  1. Click Next.
  2. Select All users.

add client

  1. Click Save.

Client display

  1. Click Company Name.

Install collector

  1. Follow the guide to download and install the Auvik Collector on the probe computer. This computer must be on a LAN that is connected to the WatchGuard Firebox.
  2. After the Auvik Collector installation and a successful connection to Auvik Cloud, the Firebox appears in the All Clients page.

Collector install success

SNMP Credential Settings

  1. Select Discovery > Manage Credentials > SNMP Credentials.
  2. Click Add SNMP Credentials.
  3. In the Description text box, type the description for the SNMP credentials.
  4. In the Devices text box, use the default settings.
  5. From the Version drop-down list, select Version 3.
  6. In the Username text box, type the user name WatchGuard.
  7. From the Auth Protocol drop-down list, select SHA.
  8. In the Auth Passphrase text boxes, type the auth passphrase.
  9. From the Privacy Protocol drop-down list, select DES.
  10. In the Privacy Passphrase text boxes, type the privacy passphrase.

Add SNMP Credentials

Add SNMP Credentials

  1. Click Save.

Add SNMP Credentials done

SSH Global Settings

  1. Select Discovery > Discovery Settings > Service Settings > SSH.
  2. From the Use Default Ports drop-down list, select No – Custom Ports.
  3. In the Port text box, type 4118.
  4. Click Save.

SSH Global Settings

SSH Credential Settings

  1. Select Discovery > Manage Credentials > Login Credentials.
  2. Click Add Login Credentials.
  3. In the Description text box, type the description for the SSH credentials.
  4. In the Devices text box, use the default settings.
  5. From the Connect Using drop-down list, select Telnet or SSH.
  6. In the Username text box, type the user name admin (this is WatchGuard Firebox default admin user name).
  7. In the Password text box, type the password.
  8. In the CLI Enable Password text box, type the password.

SSH Credential Settings

  1. Click Save.

SSH Credential Settings done

Add SNMP Monitor

  1. Select Discovery > Discovery Settings > Monitor Settings.
  2. Click Add Monitor Setting.
  3. In the Name text box, type the monitor name.
  4. In the Devices text box, use the default settings.
  5. In the OID text box, type 1.3.6.1.4.1.3097.6.3.1.0.
    This is the WatchGuard Fireware version OID.
  6. From the Type drop-down list, select String.
  7. From the Use as drop-down list, select Monitor Only.
  8. From the Poll Period drop-down list, select 1 minute.

Add SNMP Monitor

  1. Click Save.

Add SNMP Monitor done

Test the Firebox and Auvik Integration

  1. Log in to Auvik Cloud.
  2. Select All Clients.

Client display

  1. Click the WatchGuard company name.
  2. The topology discovered by Auvik is displayed.

topology discovered display

  1. Click WatchGuard-XTM in the topology to see detailed information about this device.

Firebox information

Firebox information

Firebox information

  1. Select Debug > All OID Monitors.
    The Firebox Fireware version is displayed.

OID Monitor

  1. Select Documentation > Configurations, then click the discovered WatchGuard-XTM entry.

Firebox Configurations

  1. Select Documentation > Configurations in the top menu bar of the Firewall WatchGuard-XTM entry.

Firebox Configurations

  1. You will see all configurations that have been previously backed up.

configurations backup

  1. Choose any configuration, then select Manage Configuration > Export to export the selected configuration.

configurations export

  1. The Auvik Restore button is not operational for WatchGuard products at this time. The recommended method for restoring these devices is to export the configuration from Auvik, change the file extension to .xml, and then import the file with the Firebox Web UI.

Give Us Feedback  ●   Get Support  ●   All Product Documentation  ●   Technical Search