You can configure three categories of device management properties from the Device Management page for your Firebox: connection settings, IPSec tunnel preferences, and contact information.
- On the Device Management page, in the Device Information section, click Configure.
The Device Properties dialog box appears.
- In the Display Name text box, type the name that you want to appear in WSM for the Firebox.
This is also known as the device friendly name.
- From the Firebox Type drop-down list, select the model of the device hardware and, if applicable, the OS version installed on it.
- If the Firebox has a static IP address, in the Hostname/IP Address text box, type or select the IP address for your device.
This list includes the external IP addresses that WSM uses to poll the device and to build VPN tunnels.
If the Firebox has a dynamic IP address, select the Device has dynamic external IP address check box and in the Client Name text box, type the name of the Firebox. The Client Name can be the IP address of the Firebox.
Example of a device configuration for a device with a dynamic IP address.
- Type the status and configuration passphrases for the Firebox.
- In the Shared Secret text box, type the shared secret between the device and the Management Server.
- If you logged in to the Management Server with Device Administrator credentials, to see the passphrases and shared secret in plain text, select the Show Passphrase check box.
- In the Lease Time text box, type or select the Management Server lease time. This is the time interval at which the managed device contacts the Management Server for updates. The default is 60 minutes.
- If you configure the device with a dynamic external IP address and want to use the device with a management tunnel, select the Use Management Tunnel for this device check box, and specify the Management IP Address and Hub Device for the tunnel.
For more information about how to configure a management tunnel, see Configure Management Tunnels.
For instructions to manually set up a device for management, see Configure a Firebox as a Managed Device.
IPSec Tunnel Preferences
In the Device Properties dialog box:
- Select the IPSec Tunnel Preferences tab.
- (Does not appear for Edge v10.0 or older) From the Tunnel Authentication drop-down list, select either Shared Key or IPSec Firebox Certificate. The second option uses the certificate for the Firebox.
For more information about certificates, see Certificates for Branch Office VPN (BOVPN) Tunnel Authentication.
- If you want your managed device to get its WINS and DNS settings through the IPSec BOVPN tunnel, type the primary and secondary addresses for the WINS and DNS servers. Otherwise, you can leave these fields blank.
You can also type a domain suffix in the Domain Name text box for a DHCP client to use with unqualified names such as kunstler_mail.
On the Device Management page for your Firebox, you can see the current entries in the Contact List and edit those entries. If you want to add a new entry in the Contact List for your managed device, you must first add it to the Management Server contact list.
For more information, see Manage Customer Contact Information.
In the Device Properties dialog box:
- Select the Contact Information tab.
A list of contact information for remote devices appears.
- To see entries in the contact list or edit an existing entry, click Contact List.
The Contact List appears.
- To edit an entry, double-click the entry you want to edit.
The Contact Information dialog box appears.
- Make any changes and click OK.
The updated entry appears in the Contact List dialog box.
- Click OK.