Unsupported Features for a Cloud-Managed FireCluster

Applies To: Cloud-managed Fireboxes This topic applies to Fireboxes you configure in WatchGuard Cloud.

There are some configuration and management features that you cannot use with a cloud-managed FireCluster.

FireCluster Configuration and Management Limitations

• You must manage a cloud-managed FireCluster in WatchGuard Cloud. You cannot use Fireware Web UI, WatchGuard System Manager, or the CLI to manage a cloud-managed FireCluster.
• You cannot configure an active/active cloud-managed FireCluster. All cloud-managed FireClusters are active/passive.
• You cannot select to use the hardware status (the Hardware Health Index or HHI) as a criteria for FireCluster failover. In FireCluster event reports, the HHI status is Disabled.
• You cannot configure a different heartbeat failure threshold for failover.
• You cannot select an option to make a FireCluster member leave or join an existing cloud-managed FireCluster.
• You cannot select an option to discover a FireCluster member.
• You cannot create or restore a backup FireCluster image.
• You cannot see live status information for the cluster health status to confirm that the FireCluster is operational and ready to handle failovers. Current values for the System Health Index (SHI), Monitored Ports Health Index (MPHI), and Weighted Avg Index (WAI) are not available in WatchGuard Cloud. On the Live Status page for FireCluster, you can click an event to see historical data for the SHI, MPHI, and WAI.
• You cannot see the current Cluster Synchronization Status for File Objects. This means you cannot see whether the configuration information matches for both cluster members.
• The Monitor Link setting is not included in the FireCluster configuration in WatchGuard Cloud. This means you cannot select to exclude enabled interfaces that you do not want to monitor as MPHI failover criteria.
• On Firebox models with modular interfaces, you must use a built-in interface for the primary cluster interface.

Network Limitations

• You cannot configure a bridged network.
• FireCluster does not support modem interfaces.
• You cannot configure IPv6 address autoconfiguration or enable the DHCPv6 server on an interface.
• Configurations that require static ARP entries in the FireCluster configuration are not supported. In WatchGuard Cloud, you cannot add static ARP entries.

Wireless Limitations

When you configure two wireless Fireboxes as a FireCluster, the configuration must meet these requirements:

• Firebox T10-W and T15-W wireless models do not support FireCluster.
• You cannot use wireless interfaces as the primary or backup cluster interfaces.
• If the cluster interface IP address is on an interface that is bridged to a wireless network, you cannot use a wireless connection to manage the device.

Virtual Machine (VM) Limitations

• Firebox Cloud does not support FireCluster.
• For FireboxV virtual machines configured as a FireCluster, VMware does not send traffic from clients on the same ESXi host as a cluster member to the other cluster member on a different ESXi host. For more information, go to Configure a FireCluster on VMware ESXi.

Related Topics

About FireCluster in WatchGuard Cloud

Before You Configure a Cloud-Managed FireCluster in WatchGuard Cloud