Use the Web UI with a FireCluster
To connect to the FireCluster on an interface IP address:
https://<Firebox-IP-address>:8080
<Firebox-IP-address> is the IP address assigned to an interface.
To connect to an individual cluster member:
https://<cluster-member-management-ip-address>:8080
<cluster-member-management-IP-address> is the management IP address configured in the FireCluster settings for a member.
Web UI for the Cluster Master
There are two ways to connect to the cluster master. You can connect to the management IP address of the cluster master, or you can connect to an interface IP address. When you log in to the cluster master with a user account that has Device Administrator privileges, you can use Fireware Web UI to make any type of configuration change that you can make to a Firebox that is not a member of a FireCluster. For example, you can update the policies, services, VPN, network, and authentication settings. When you save configuration changes to the cluster master, the changes are automatically synchronized to the backup master.
You can also view diagnostic information for both cluster members. For more information, go to FireCluster Diagnostics.
You cannot use Fireware Web UI to:
- Enable or disable a FireCluster or change FireCluster settings
- Edit the configuration of the cluster interface
- Force a FireCluster member to fail over
- Make a member join or leave a cluster
- Discover a cluster member
When you use an interface IP address to connect to a FireCluster, you automatically connect to the current cluster master. The System widget in the Front Panel Dashboard page shows the member name and serial number of the cluster member that is the current cluster master.
When you connect to the cluster master or to an interface, most of the Dashboard pages and System Status pages show combined statistics and information for both cluster members.
There are two pages that do not show combined information for both members.
- Dashboard > Traffic Monitor
- System Status > Traffic Management
These pages show information about traffic on the cluster master by default. To see information about the other cluster member, select the cluster member name from the drop-down list at the top of the page.
Web UI for the Backup Master
You can use the management IP address of the backup master to log in to Fireware Web UI for the backup master cluster member. When you connect to the backup master, the configuration is always read-only, and you cannot save configuration changes.
On the backup master, you can use these functions on the Dashboard pages:
- Front Panel — Reboot the backup master
- Subscription Services — Update subscription services signatures on the backup master
When you connect to a backup master, the Dashboard pages and System Status pages show information for only that member, not for the entire FireCluster.
If you specify the management IP address of a FireCluster backup master to connect to the Guest Administration Portal, the portal is read-only, and this error message appears: The Firebox is a backup master of a FireCluster. Please log in to the management IP address of the FireCluster.
Upgrade Fireware OS for a FireCluster
You can upgrade Fireware OS for a FireCluster from Fireware Web UI. The steps to upgrade a FireCluster depend on which Fireware OS version you upgrade from.
- When you use the Web UI to upgrade a FireCluster from Fireware v11.11 or higher, both members are always upgraded automatically.
- When you use the Web UI to upgrade a FireCluster from Fireware v11.10.x or lower, you must connect to and upgrade each cluster member individually.
For more information, go to Upgrade Fireware OS for a FireCluster
FireCluster Backup and Restore in the Web UI
You can use Fireware Web UI to create a backup image of a FireCluster and restore it to cluster members. For more information, go to Create a FireCluster Backup Image and Restore a FireCluster Backup Image.
You can use the Web UI to backup and restore the configuration to cluster members, but WatchGuard recommends that you use Policy Manager to complete the backup and restore processes, if possible.