Edit the FireCluster Settings

After you add a cloud-managed FireCluster, you can edit the FireCluster settings in WatchGuard Cloud.

For a detailed list of FireCluster requirements and best practices, see Before You Configure a Cloud-Managed FireCluster in WatchGuard Cloud.

FireCluster members reboot if you:

Change which interface is configured as the cluster interface or backup cluster interface
Add or remove the backup cluster interface
Change the primary cluster interface or backup cluster interface IP address
Change the cluster ID

Only edit the serial number when you have an RMA replacement Firebox. For more information about how to replace a cluster member, see Configure an RMA Replacement for a Cloud-Managed FireCluster Member.

To edit a cloud-managed FireCluster configuration:

Select Configure > Devices.
Select the FireCluster.
Select Device Configuration.
In the Settings tile, select FireCluster Settings.
The Settings page opens.
Select the FireCluster Settings tab.
In the Name text box, enter a friendly name to identify this FireCluster.
From the Time Zone drop-down list, select a time zone.

Screen shot of the Name and Time Zone settings for FireCluster

In the Cluster Interface text box, select an interface.
Cluster members use this dedicated interface to exchange heartbeat packets and to synchronize connection and session information.

In the Member1 Cluster IP Address and Member2 Cluster IP Address text boxes, enter an IP address that is not in use on your network.
To avoid conflicts with routable IP addresses, we recommend APIPA addresses or IP addresses from a dedicated private subnet.

(Optional) To add redundancy, select Assign Backup Cluster Interface. We recommend a backup cluster interface only if you use a switch between cluster interfaces. For more information about the backup cluster interface, see Before You Configure a Cloud-Managed FireCluster in WatchGuard Cloud
1. From the Backup Cluster Interface drop-down list, select an interface.
2. In the Member1 Cluster Backup IP Address and Member2 Cluster Backup IP Address text boxes, enter an IP address that is not in use on your network.

The primary and backup cluster interfaces must be on different subnets. We recommend that you do not use a switch between each member for the cluster interfaces. If you do use a switch between cluster interfaces, the cluster interfaces must be logically separated from each other on different VLANs. We recommend that you configure a backup cluster interface if you separate the cluster interfaces with a switch.

In the Cluster ID text box, enter a number between 1 and 255.
The cluster ID uniquely identifies this FireCluster if there is more than one FireCluster active on the same layer 2 broadcast domain. If you only have one cluster, and your network does not have VRRP devices, you can use the default value.

The Cluster ID determines the virtual MAC (VMAC) addresses used by the interfaces of the clustered devices. If you configure more than one active/passive FireCluster on the same subnet, it is important to know how to set the Cluster ID to avoid a possible virtual MAC address conflict. For information on how the VMAC address is calculated, see Active/Passive Cluster ID and the Virtual MAC Address.

From the Communication Network drop-down list, select an option. The cluster master uses this network to send log messages from both cluster members to your Dimension or syslog server, and to manage the backup master.
In the Member1 Communication IP Address text box, type an IP address that is on the same subnet as your internal network. Your Dimension or syslog server must also be on this subnet.
In the Member2 Communication IP Address text box, type an IP address that is on the same subnet as your internal network. Your Dimension or syslog server must also be on this subnet.

Screen shot of the FireCluster settings

Click Save.

To configure settings on the NTP Servers and Device Feedback tabs, see:

To manage and monitor a FireCluster, see:

Edit the FireCluster Settings

Related Topics