Troubleshoot RapidDeploy

After you enable RapidDeploy, you can troubleshoot the RapidDeploy process if the Firebox did not retrieve a configuration file.

You can use Traffic Monitor in Firebox System Manager or Fireware Web UI to search for the log messages for RapidDeploy. For example, if the RapidDeploy process was successful, you will see these log messages:

Screen shot of the RapidDeploy log messages in Traffic Monitor

For more information on how to use Traffic Monitor, go to Traffic Monitor (Fireware Web UI), or Device Log Messages (Firebox System Manager).

Troubleshoot Configuration File Retrieval

If the Firebox has not yet contacted WatchGuard to request the configuration file, and you have already followed the instructions in Connect the Firebox for RapidDeploy, make sure the external interface of the Firebox is connected to a network device with Internet access. If your Firebox uses DHCP to get an IP address for interface 0, verify that the network your Firebox connects to has a DHCP server.

Then, try again:

  1. Connect Interface 0 to a network with Internet access and a DHCP server.
    A local DHCP server is not required if you use a CSV file on the USB drive to configure Interface 0.
  2. Restart the Firebox with factory-default settings:
    • For a new Firebox, power off and then power on the Firebox.
    • For a previously configured Firebox, reset the Firebox to factory-default settings. For more information, see Reset a Firebox.
  3. Make sure the Firebox has a reliable power source and Internet connection while the configuration file download is in progress.
  4. If the Firebox is connected to a network that does not use DHCP, you can use the Web Setup Wizard to configure network settings for your Firebox to connect for RapidDeploy. For more information, see Run the Web Setup Wizard.

The RapidDeploy option is available in the Web Setup Wizard for Fireboxes that run Fireware v12.5.3 or higher.

Troubleshoot Configuration File Compatibility

Make sure the configuration file you use for RapidDeploy is compatible with the version of Fireware on your Firebox.

After the Firebox downloads the configuration file, the passphrases on the Firebox are changed to the passphrases you specified when you enabled RapidDeploy, even if RapidDeploy is not successful.

If the configuration file version is too low or too high

If the version in the configuration file is lower than Fireware v11.4.0, or higher than the version of Fireware OS installed on the Firebox, RapidDeploy fails, and the Firebox starts with factory-default settings, except for the device passphrases, which are changed to the passphrases you configured when you enabled RapidDeploy.

If the configuration file version is lower than or equal to the installed OS version

If the configuration file version is lower than or equal to the version of Fireware OS installed on the Firebox, RapidDeploy might have been successful. For information about how to verify whether RapidDeploy was successful, see Verify RapidDeploy Success.

It is also possible that RapidDeploy failed. Even if you upload a configuration file with a version number that exactly matches the OS version installed on the Firebox, the configuration file could contain some XML code that is not supported by the OS version on the Firebox. This could occur if you use a newer version of Policy Manager to save the configuration file. If you used Policy Manager to save the configuration to the file you uploaded, make sure the version of WatchGuard System Manager you use is not higher than the OS version installed on the Firebox that the configuration file is for.

Retry RapidDeploy

If the Firebox requested the RapidDeploy file, but RapidDeploy did not succeed, you can create and upload a new configuration file. Make sure that you do not save the file with a version of Policy Manager that is higher than the version of Fireware OS on the Firebox. For more information, see Create a Configuration File for RapidDeploy.

After you upload a new configuration file for RapidDeploy, restart the remote Firebox with factory-default settings. The Firebox automatically downloads the updated configuration file from WatchGuard. For more information about how to connect and restart the Firebox, see Connect the Firebox for RapidDeploy.