You can add your Fireboxes and WatchGuard access points to WatchGuard Cloud.
To monitor or manage Fireboxes from WatchGuard Cloud, you add the Firebox to your WatchGuard Cloud account.
When you add a Firebox to WatchGuard Cloud, you select how you want to manage the Firebox:
With this option, you use WatchGuard Cloud for all Firebox configuration management, monitoring and reporting. When you add a cloud-managed Firebox, you create a new configuration in WatchGuard Cloud. You cannot migrate an existing device configuration to WatchGuard Cloud.
For details about how to add a cloud-managed Firebox to WatchGuard Cloud, see Add a Cloud-Managed Firebox to WatchGuard Cloud.
For details about how to add a cloud-managed FireboxV to WatchGuard Cloud, see Add FireboxV to WatchGuard Cloud (Cloud-Managed).
For details about how to add a cloud-managed Firebox Cloud instance to WatchGuard Cloud, see Add Firebox Cloud to WatchGuard Cloud (Cloud-Managed).
Cloud Reporting with Local Management
With this option, you use WatchGuard Cloud for monitoring and reporting, and you use Fireware Web UI or WatchGuard System Manager to manage the device configuration. You can use this option to monitor any existing Firebox without the need to create a new configuration.
For information about how to add a locally-managed Firebox to WatchGuard Cloud, see Add a Locally-Managed Firebox to WatchGuard Cloud.
For information about how to add a locally-managed FireCluster to WatchGuard Cloud, see Add a FireCluster to WatchGuard Cloud.
For information about how to use this option to do RapidDeploy from WatchGuard Cloud, see RapidDeploy from WatchGuard Cloud.
After you add a device to WatchGuard Cloud, you can upgrade the firmware from WatchGuard Cloud. For more information, see Upgrade Firmware from WatchGuard Cloud.
To manage a WatchGuard access point from WatchGuard Cloud, you must add the access point to WatchGuard Cloud as a cloud-managed device.
Before You Begin
Before you add an access point to WatchGuard Cloud, make sure that:
- You have activated the access point in your WatchGuard Portal account. For more information, see Activate an Access Point.
- The access point has a current WatchGuard Standard or USP Wi-Fi license. For more information, see About Wi-Fi in WatchGuard Cloud Access Point Licenses.
- The access point is allocated to a Subscriber account (Service Providers only). For more information, see Access Point Allocation.
The access points use TCP port 443 to connect to WatchGuard Cloud.
Access points must also be able to connect to these destinations:
- *.watchguard.io for product activation and feature key updates
- *.cloud.watchguard.com for WatchGuard Cloud registration and connections
If you set up an access point behind a Firebox, and the Firebox performs inspection on HTTPS traffic, you must add *.watchguard.io to the content inspection exception list to enable the access point to receive a feature key from WatchGuard servers. This is enabled by default for cloud-managed Fireboxes in WatchGuard Cloud. For local-managed Fireboxes, see HTTPS-Proxy: Content Inspection for information on how to add an exception.
Add an Access Point
To add an access point to WatchGuard Cloud:
- Log in to your WatchGuard Cloud Subscriber account.
- Select Configure > Devices.
- In Device Manager, click Add Device.
A list of activated devices opens.
- Select the Access Point tab.
- Click the Name of the access point you want to add or click . Tip!
A confirmation dialog box opens.
- Click Add Device.
The Add Device to WatchGuard Cloud page appears.
- Type a Device Name for the access point.
The default name is the registered name of the device.
- Select the Time Zone of the location where the access point is installed. Click Next.
- From the IP Address Configuration drop-down list, select and configure one of these options, then click Next.
DHCP IP Address
Select this option to configure the access point to use DHCP to request an IP address.
Static IP Address
Select this option to configure the access point to use a static IP address.
Configure the Network IP Address and Netmask, a Gateway on the same subnet, and a DNS Server.
Enable Management VLAN
Select the Enable Management VLAN check box if you want to use a tagged VLAN for management communications to this access point. Select a VLAN ID from 1 to 4094.
- Select the Access Point Site settings that you want to apply to the access point.
Access Point Sites enable you to manage and deploy shared wireless settings for multiple cloud-managed access points. For more information, see About Access Point Sites.
From the Site drop-down list, select an existing site, or select None to use your own configuration for the device.
- Type an Admin Password for the access point.
This is the administrator password for Command Line Interface (CLI) access to the device. For more information, see Access Point Command Line Interface.
- Click Done.
The access point appears in the list of devices in WatchGuard Cloud.