About Factory-Default Settings

The term factory-default settings refers to the configuration on the XTM device when you first receive it before you make any changes. You can also reset the XTM device to factory-default settings as described in Reset a Device.

The default network and configuration properties for the XTM device are:

Trusted network

Interface 1 (Eth1) is configured as a trusted interface.

The default IP address for the trusted network interface is with a subnet mask of

The default IP address and port for the Fireware XTM Web UI is

The XTM device is configured to give IP addresses to computers on the trusted network through DHCP. By default, these IP addresses can be from to

External network

Interface 0 (Eth0) is configured as an external interface.

The XTM device is configured to get an IP address with DHCP.

Optional network

The optional network is disabled.

Default Device Administrator (read/write) user account credentials

User name: admin

Passphrase: readwrite

Default Device Monitor (read-only) user account credentials

User name: status

Passphrase: readonly

Firewall settings

All incoming traffic is denied. The outgoing policy allows all outgoing traffic. Ping requests received from the external network are denied.

System Security

Each Firebox or XTM device has two default Device Management user accounts that you can use to manage and monitor your device:

When you first run the Quick Setup Wizard to configure the device, you set the passphrases for these two user accounts. After you complete the Quick Setup Wizard, you can log in to Fireware XTM Web UI with either the admin or status user account. For full Device Administrator access, log in with the admin user name and passphrase. For read-only access, log in with the status user name and passphrase.

By default, the XTM device is set up for local management from the trusted network only. Additional configuration changes must be made to allow administration from the external network.

Upgrade Options

To enable upgrade options such as WebBlocker, spamBlocker, and Gateway AV/IPS, you must paste or import the feature key that enables these features into the configuration page, or use the Get Feature Key option to activate upgrade options. If you start the XTM device in safe mode, you do not have to import the feature key again.

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base