Contents

Introduction to FireboxV and XTMv

FirewareV and XTMv are Firebox models designed to run in the VMware ESXI or Microsoft Hyper-V environment. These models use the same Fireware OS and management software as other Fireboxes. You can use WatchGuard System Manager, Fireware Web UI, and the Command Line Interface (CLI) to manage a FireboxV or XTMv virtual machine just as you manage any other Firebox.

Models and Licensing

FireboxV and XTMv devices are licensed in several different models, which provide different levels of scalability and performance:

Firebox V models XTMv Models

Small

Medium

Large

Extra Large

Small Office Edition

Medium Office Edition

Large Office Edition

Datacenter Edition

When you activate your FireboxV or XTMv device, a feature key is generated. The feature key adds a device serial number and enables the Fireware capabilities for the licensed FireboxV model or XTMv model. The feature key is installed on the FireboxV or XTMv virtual machine during setup.

For a comparison of the features and capabilities of each FireboxV and XTMv model, see the Products section of the WatchGuard web site at www.watchguard.com.

Hypervisor Compatibility

A WatchGuard FireboxV or XTMv virtual machine can run in these environments:

  • VMware ESXi 5.5, 6.0, or 6.5 host (Firebox-V)
  • VMware ESXi 5.0, 5.1, 5.5, or 6.0 host (XTMv)
  • Windows Server 2012 R2 and Hyper-V Server 2012 R2
  • Windows Server 2016 and Hyper-V Server 2016

Fireware OS Limitations

FireboxV and XTMv use the same Fireware OS and support the same features and subscription services as other Firebox models, with the exception of a few features that are hardware-dependent.

Fireware features not supported on FireboxV and XTMv include:

  • Active/active FireCluster in VMware ESXi (FireCluster is not supported at all for Hyper-V)
  • Bridge mode network configuration
  • Hardware diagnostics CLI commands
  • Automatically save a support snapshot to a USB drive
  • Automatically restore a saved backup image from a USB drive

RapidDeploy configuration is not supported on FireboxV and XTMv.

Virtual Switch Configuration

To work correctly, some Fireware networking features require that you configure the virtual switch on your network in promiscuous mode. These features are: 

  • Drop-in mode network configuration
  • Network bridge
  • Mobile VPN with SSL, with the Bridged VPN Traffic setting

To use these features in an ESXi environment, configure the vSwitch to operate in promiscuous mode.

Virtual switches in Microsoft Hyper-V do not support promiscuous mode, so these features are not supported in a Hyper-V environment.

To use multiple VLANs on a single interface in an ESXi environment, configure the VSwitch for the VLAN interface to use VLAN ID 4095 (All).

FireCluster vSwitch Configuration

There are additional switch requirements for an active/passive FireCluster in an ESXi environment:

  • Configure the vSwitch that connects to the FireCluster management interface to operate in promiscuous mode
  • Configure any vSwitch that connects to a FireCluster external interface to accept MAC address changes

For detailed steps to set up two FireboxV or XTMv devices as a FireCluster, see Configure a FireCluster on VMware ESXi

Give Us Feedback  ●   Get Support  ●   All Product Documentation  ●   Technical Search