Monitor Networks on Cloud-Managed Fireboxes

Applies To: Cloud-managed Fireboxes

This feature is only available to participants in the WatchGuard Cloud Beta program.

On the Networks page, you can view the ARP table, DHCP leases, and the routes that are configured on your cloud-managed Firebox. This page is only available when your cloud-managed Firebox is connected to WatchGuard Cloud.

To monitor networks on cloud-managed Fireboxes:

  1. Select Monitor > Devices.
  2. Select a cloud-managed Firebox.
    The Device Summary page for the selected Firebox opens.
  3. Select Live Status > Networks.
    The Networks page opens. The page refreshes automatically every 30 seconds.


The Networks tab displays an overview of each network, including this information:


The name of the network.


The type of network (for example, Internal, External, or Guest).


The Firebox interface that enables the network connection.


The number of devices on the network.


Displays whether Wi-Fi access is enabled or disabled for the network.

Address Resolution Protocol Requests

Address Resolution Protocol (ARP) is a protocol that associates the IP address with the MAC address of a network device.

Screen shot of WatchGuard Cloud Live Status Netowrks, ARP tab

The ARP tab displays this information about the devices that have responded to an ARP request from the cloud-managed Firebox:

IP Address

The IP address of the computer that responds to the ARP request.

HW Type

The type of Ethernet connection that the IP address uses to connect.


If the hardware address of the IP resolves, it is marked as valid. If it does not, it is marked as invalid.

A valid hardware address can briefly appear as invalid while the Firebox waits for a response for the ARP request.

MAC Address

The MAC address of the network interface card that is associated with the IP address.


The interface on the Firebox where the hardware address for that IP address was found. The Linux kernel name for the interface is shown in parentheses.

DHCP Leases

A DHCP lease is a temporary assignment of an IP address to a device on the network.

The DHCP tab displays this information about the DHCP client leases for the cloud-managed Firebox:


The Firebox interface that the client is connected to.

IP Address

The IP address for the lease.


The host name. If there is not an available host name, this is empty.

Start Time

The time that the client requested the lease.

End Time

The time that the lease expires.

Configured Routes

On the Routes tab, you can monitor the routes configured on your cloud-managed Firebox.


The destination IP address for the route.


The interface to which packets for this route will be sent (for example eth0 for interface 0).


For an IPv4 route, the IP address of the gateway the route uses.


The flags set for each route. Some of the more common flags include:

  • U indicates a route that is up
  • H indicates a route to a host
  • G indicates an IPv4 route that uses an external gateway or an IPv6 route that uses the next hop
  • D indicates a dynamic route


The routing metric, or cost for the route. A lower number indicates a lower cost, and higher route priority.

See Also

Add a Cloud-Managed Firebox to WatchGuard Cloud

Firebox Default Networks

Configure Firebox Network DHCP Settings

Configure Firebox Routes