Install the WatchGuard Agent and Connection Manager on Windows and Mac Computers

Applies To: FireCloud Internet Access, FireCloud Total Access This topic applies to accounts with a FireCloud Internet Access license or a FireCloud Total Access License.

You download the WatchGuard Agent from the FireCloud UI in WatchGuard Cloud. You can also get a link to the installer for your account and distribute this link to your users so they can download and install the WatchGuard Agent and Connection Manager themselves.

If you want to install FireCloud on a computer that already has the WatchGuard Agent installed for another product, such as Endpoint Security, you can configure a WatchGuard Agent deployment to install FireCloud. For more information, go to Configure WatchGuard Agent Deployment in WatchGuard Cloud.

The WatchGuard Agent for mac requires Rosetta. When you install the WatchGuard Agent and Rosetta is not installed, the installation fails and you are not prompted to authenticate and connect to FireCloud. In this scenario, you must manually go to Applications and run the ConnectionManagerInstaller. When you do this, you are prompted to install Rosetta. Install Rosetta and then manually run the WatchGuard Agent installer again.

To download the WatchGuard Agent (used to install the WatchGuard Connection Manager):

1. Log in to WatchGuard Cloud and go to Configure > FireCloud.
2. Select Endpoint Installation.
   The Endpoint Installation page opens.
3. Click Add Endpoint.
4. Select the operating system for the endpoint where you want to install the agent.
5. If you have Endpoint Security, select the group you want to add the computer to.
   For endpoints with an Endpoint Security license, the security policies assigned to a computer depend on the group it belongs to. For information about groups for endpoints with an Endpoint Security license, go to Manage Computers and Devices in Groups in Endpoint Security.
   • To add the computer to a group created in the Endpoint Security management UI, select Add Computers to this Group. From the drop-down list, select a folder.
   • To add the computer to an Active Directory group, select Add Computers to their Active Directory Path. Select the network proxy to assign to the computers.
     
6. (Optional) For the Windows installer, to specify an expiration date for the installer, click in the box and select a date from the calendar.
   After the expiration date, if users try to run the installer, a message informs them that the installer is expired, and they must download a new one or contact their administrator.
7. Click Download Installer.
   The WatchGuard Agent installer download begins.
8. If you want to send the installer to your users so they can download and install the agent themselves, click Copy Installer URL. You can send this link to your users.

To manually install the WatchGuard Agent and WatchGuard Connection Manager:

1. Run the downloaded installer.
2. Click Install. The installation of the WatchGuard Agent can take several minutes.
3. When the installation is complete, click Finish.
4. After the WatchGuard Agent is installed, the agent automatically downloads and installs the Connection Manager.
5. On mac computers, you are prompted to enable the network extension for the Connection Manager. Open the system settings and go to General > Login Items and Extensions > Network Extensions and enable WatchGuardConnectionManager.

   In some cases, you might be prompted to enable additional network extensions when the Connection Manager upgrades to a new version.

6. When the installation is finished, the Connection Manager opens and you are prompted to enter your credentials to connect to FireCloud. You use the credentials for the user account in your identity provider.

If the WatchGuard Agent fails to install the Connection Manager, the agent attempts the installation again after 4 hours. To try the installation again immediately, you can run the installer.

Connect to FireCloud with the WatchGuard Connection Manager

To connect to FireCloud, from WatchGuard Connection Manager:

1. Open the WatchGuard Connection Manager.
2. Click Connect.
3. Enter your user name or email address, then click Next.
4. Enter your password.
   A success message appears when you connect to FireCloud.

While you are connected to FireCloud, you are protected and can safely use your computer and browse the Internet. After you connect to FireCloud the first time, the agent keeps your session open and you remain connected even if you restart your computer.

On mac computers, you cannot connect or disconnect the Connection Manager from the VPN System Settings. To connect or disconnect to FireCloud, you must use the Connection Manager application.

Disconnect from FireCloud

In some cases, you might need to disconnect from FireCloud. For example, you might have to disconnect when you need to connect to a VPN.

To disconnect from FireCloud, in the system tray on your computer, right click the FireCloud icon, then select Disconnect. After you complete your task, you must manually connect to FireCloud again.

The FireCloud access rule that applies to your user group determines if you can manually disconnect from FireCloud

View Connection Manager Log Messages

To help troubleshoot FireCloud connections issues, you can use the Connection Manager log messages.

To view log messages:

1. In the system tray on your computer, click the FireCloud icon.
2. Select View Log Messages.
   You see your active log messages for the Connection Manager.

If necessary, you can save your log messages to a text file. You might do this when you work with WatchGuard Support to troubleshoot issues.

Related Topics

Install the WatchGuard Agent and Connection Manager on Windows and Mac Computers

WatchGuard Agent – Installation and Upgrade Error Messages

WatchGuard Agent MSI Install Issues with WatchGuard Endpoint Security