Monitor Networks on Fireboxes and FireClusters

Applies To: Cloud-managed Fireboxes, Locally-managed Fireboxes

On the Networks page, you can view the network list, SD-WAN list, ARP table, DHCP leases, and the routes that are configured on your Firebox.

This page is only available when your cloud-managed Firebox, or locally-managed Firebox with cloud reporting, is connected to WatchGuard Cloud.

To monitor networks on cloud-managed Fireboxes and locally-managed Fireboxes with cloud reporting:

  1. Select Monitor > Devices.
  2. Select a Firebox.
    The Device Summary page for the selected Firebox opens.
  3. Select Live Status > Networks.
    The Networks page opens. The page refreshes automatically every 30 seconds.

Screen shot of WatchGuard Cloud, Live Status, Networks

Networks

The Networks tab shows an overview of each network, including this information:

Name

The name of the network. To view network details, click the name. For more information, see Network Details.

Type

The type of network (for example, Internal, External, or Guest).

Interfaces

The Firebox interface that enables the network connection.

Devices

The number of devices on the network.

Wireless

The SSID name if wireless is enabled for the network, or the column is empty if it is disabled.

SD-WAN

All SD-WAN actions that include the network. Global indicates the Global Multi-WAN configuration includes the network.

SD-WAN

The SD-WAN tab shows all SD-WAN actions configured on the Firebox. This tab also shows the Global Multi-WAN configuration, which appears if you configure more than one external network.

The SD-WAN list includes this information:

Networks

The networks specified in the SD-WAN action. To view SD-WAN details, click the name. For more information, see SD-WAN Details.

Usage

The percent of traffic routed through each network specified in an SD-WAN Round-Robin action. For an SD-WAN action with no usage, the percent for each interface is 0%. The percent resets after any interface status change.

When an SD-WAN action handles a large number of connections (hundreds or thousands of connections), the usage percent more closely matches the weight ratio that you specified in the SD-WAN action.

Action

The SD-WAN method (Failover or Round-Robin).

Failback

The Failback method (Immediate, Gradual, or No Failback) specified in an SD-WAN Failover action.

Latency/Loss/Jitter

The current latency, loss, and jitter statistics for networks specified in the SD-WAN action.

Screen shot of the SD-WAN Live Status table

Address Resolution Protocol Requests

Address Resolution Protocol (ARP) is a protocol that associates the IP address with the MAC address of a network device. This list shows a maximum of 25 ARP entries.

Screen shot of WatchGuard Cloud Live Status Networks, ARP tab

The ARP tab displays this information about the devices that have responded to an ARP request from the Firebox:

IP Address

The IP address of the computer that responds to the ARP request.

HW Type

The type of Ethernet connection that the IP address uses to connect.

Flags

If the hardware address of the IP resolves, it is marked as a complete ARP entry (0×2 ) or a complete static ARP entry (0×6). If the ARP entry is incomplete, the flag displays 0×0.

MAC Address

The MAC address of the network interface card that is associated with the IP address.

Interface

The interface on the Firebox where the hardware address for that IP address was found.

DHCP Leases

A DHCP lease is a temporary assignment of an IP address to a device on the network. This list shows a maximum of 25 DHCP entries.

Screen shot of WatchGuard Cloud, Live Status, Networks DHCP

The DHCP tab displays this information about the DHCP client leases for the Firebox:

Interface

The Firebox interface that the client is connected to.

IP Address

The IP address for the lease.

Host

The host name. If there is not an available host name, this is empty.

MAC Address

The MAC address of the network interface card that is associated with the IP address.

Start

The time when the client requested the lease.

End

The time when the lease expires.

Configured Routes

On the Routes tab, you can monitor the routes configured on your Firebox. From the drop-down list, select IPv4 or IPv6.

Screen shot of WatchGuard Cloud, Live Status, Networks Routes

Destination

The destination IP address for the route.

Interface

The interface to which packets for this route will be sent (for example eth0 for interface 0).

Gateway

For an IPv4 route, the IP address of the gateway the route uses.

Flags

The flags set for each route. Some of the more common flags include:

  • U indicates a route that is up
  • H indicates a route to a host
  • G indicates an IPv4 route that uses an external gateway or an IPv6 route that uses the next hop

Metric

The routing metric, or cost for the route. A lower number indicates a lower cost, and higher route priority.

See Also

Add a Cloud-Managed Firebox to WatchGuard Cloud

Firebox Default Networks

Configure Firebox Network DHCP Settings

Configure Firebox Routes

Add a Locally-Managed Firebox to WatchGuard Cloud

Get Started — Add a Device to WatchGuard Cloud

Manage Fireboxes and FireClusters in WatchGuard Cloud