Monitor Networks on Fireboxes and FireClusters

Applies To: Cloud-managed Fireboxes, Locally-managed Fireboxes

On the Networks page, you can view the network list, DNS servers, wireless radios, SD-WAN list, ARP table, DHCP leases, and the routes that are configured on your Firebox.

This page is only available when your cloud-managed Firebox, or locally-managed Firebox with cloud reporting, is connected to WatchGuard Cloud.

To monitor networks on cloud-managed Fireboxes and locally-managed Fireboxes with cloud reporting:

  1. Select Monitor > Devices.
  2. Select a Firebox.
    The Device Summary page for the selected Firebox opens.
  3. Select Live Status > Networks.
    The Networks page opens. The page refreshes automatically every 30 seconds.

Screen shot of WatchGuard Cloud, Live Status, Networks

Networks

The Networks tab shows an overview of each network, including this information:

Name

The name of the network and the network status. A green icon indicates the network is up, and a red icon indicates the network is down. To view network details, click the name. For more information, see Network Details.

Type

The type of network (for example, Internal, External, or Guest).

Interfaces

The Firebox interface that enables the network connection.

Devices

The number of devices on the network.

Wireless

The SSID name if wireless is enabled for the network. The column is empty if wireless is disabled.

SD-WAN

All SD-WAN actions that include the network. Global indicates the Global Multi-WAN configuration includes the network.

The Networks tab also shows DNS servers and wireless radios (for Firebox wireless models).

SD-WAN and Global Multi-WAN

The SD-WAN tab shows all SD-WAN actions configured on the Firebox. This tab also shows the Global Multi-WAN configuration, which appears if you configure more than one external network.

SD-WAN

For each SD-WAN action, you can see this information:

SD-WAN Name and Overall Status

The name that you entered in the SD-WAN action configuration and an icon that indicates the overall status of the SD-WAN action.

The icon color indicates the availability of networks in the SD-WAN action:

— All networks in the SD-WAN action are active and qualified.

— Some networks in the SD-WAN action are not active or qualified.

— No networks in the SD-WAN action are active or qualified.

A network is active when no physical link failure is detected, and if you enabled link monitoring, probes to the next hop are successful. A network is qualified if loss, latency, and jitter do not exceed the values that you entered.

Networks appear in the same order as in the SD-WAN action. The first interface is the primary interface. For the Failover SD-WAN method, the primary interface is preferred if it qualified.

Method

The SD-WAN method (Failover or Round-Robin).

Networks

The networks specified in the SD-WAN action. The icon color indicates the network status:

The network is active and qualified.

The network is not qualified.

The network is not active.

For an SD-WAN action that uses the Round-Robin method, network icons include a percentage. The percentage indicates how traffic for this SD-WAN action is load balanced across all qualified networks in the SD-WAN action.

For an SD-WAN action that uses the Failover method, an arrow indicates that a network in the SD-WAN action failed over to another network in the SD-WAN action.

For information about how the Firebox handles inactive and unqualified networks, see About SD-WAN Methods.

To view details about each network in the SD-WAN action, click the tile. For more information, see SD-WAN Details.

Global Multi-WAN

For Global Multi-WAN, you can see this information:

Overall status

The Global Multi-WAN name, which is Global, and an icon that indicates the overall status of the Global Multi-WAN.

The icon color indicates the availability of networks in the Global Multi-WAN:

— All networks in the Global Multi-WAN are active.

— Some networks in the Global Multi-WAN are not active.

— No networks in the Global Multi-WAN are active.

A network is active when no physical link failure is detected, and if you enabled link monitoring, probes to the next hop are successful.

Method

The method (Failover or Round-Robin).

Networks

The networks included in the Global Multi-WAN configuration.

Network icons

The icon color indicates the availability of networks in the Global Multi-WAN:

and — The network is active.

and — The network is not active.

For the Failover Global Multi-WAN method, an arrow indicates that a network failed over to another network.

To view details about each network in the Global Multi-WAN configuration, click the tile. For more information, see SD-WAN Details.

Address Resolution Protocol Requests

Address Resolution Protocol (ARP) is a protocol that associates the IP address with the MAC address of a network device. This list shows a maximum of 25 ARP entries.

Screen shot of WatchGuard Cloud Live Status Networks, ARP tab

The ARP tab displays this information about the devices that have responded to an ARP request from the Firebox:

IP Address

The IP address of the computer that responds to the ARP request.

HW Type

The type of Ethernet connection that the IP address uses to connect.

Flags

If the hardware address of the IP resolves, it is marked as a complete ARP entry (0×2 ) or a complete static ARP entry (0×6). If the ARP entry is incomplete, the flag displays 0×0.

MAC Address

The MAC address of the network interface card that is associated with the IP address.

Interface

The interface on the Firebox where the hardware address for that IP address was found.

DHCP Leases

A DHCP lease is a temporary assignment of an IP address to a device on the network. This list shows a maximum of 25 DHCP entries.

Screen shot of WatchGuard Cloud, Live Status, Networks DHCP

The DHCP tab displays this information about the DHCP client leases for the Firebox:

Interface

The Firebox interface that the client is connected to.

IP Address

The IP address for the lease.

Host

The host name. If there is not an available host name, this is empty.

MAC Address

The MAC address of the network interface card that is associated with the IP address.

Start

The time when the client requested the lease.

End

The time when the lease expires.

Configured Routes

On the Routes tab, you can monitor the routes configured on your Firebox. From the drop-down list, select IPv4 or IPv6.

Screen shot of WatchGuard Cloud, Live Status, Networks Routes

Destination

The destination IP address for the route.

Interface

The interface to which packets for this route will be sent (for example eth0 for interface 0).

Gateway

For an IPv4 route, the IP address of the gateway the route uses.

Flags

The flags set for each route. Some of the more common flags include:

  • U indicates a route that is up
  • H indicates a route to a host
  • G indicates an IPv4 route that uses an external gateway or an IPv6 route that uses the next hop

Distance

The routing distance, which is the cost for the route. A lower number indicates a lower cost and higher route priority. The maximum value is 255.

In Fireware v12.9 or higher, the Distance setting replaces the Metric setting.

Related Topics

Add a Cloud-Managed Firebox to WatchGuard Cloud

Firebox Default Networks

Configure Firebox Network DHCP Settings

Configure Firebox Routes

Add a Locally-Managed Firebox to WatchGuard Cloud

Get Started — Add a Device to WatchGuard Cloud

Manage Fireboxes and FireClusters in WatchGuard Cloud