You can use the Fireware XTM Web UI to connect to a FireCluster or a cluster member. You can use an interface IP address to connect to the Web UI, or you can use the management IP address of a cluster member.
To connect to the FireCluster on an interface IP address:
<Firebox-IP-address> is the IP address assigned to an interface.
To connect to an individual cluster member:
<cluster-member-management-IP-address> is the management IP address configured for a member in the FireCluster settings.
You cannot use the Fireware XTM Web UI to connect to a FireCluster that uses Fireware XTM v11.8.x or lower.
There are two ways to connect to the cluster master. You can connect to the management IP address of the cluster master, or you can connect to an interface IP address. When you log in to the cluster master with an account that has a Device Administrator role, you can use the Fireware XTM Web UI to make any type of configuration change that you could make to a non-clustered device. For example, you can update the policies, services, VPN, network, and authentication settings. When you save configuration changes to the cluster master, the changes are automatically synchronized with the backup master.
You cannot use the Fireware XTM Web UI to change the FireCluster configuration or perform commands that affect the status of the cluster members. You cannot use the Fireware XTM Web UI to:
When you use an interface IP address to connect to a FireCluster, you automatically connect to the current cluster master. The System widget in the Front Panel dashboard shows the member name and serial number of the device that is the current cluster master.
When you connect to the cluster master or to an interface, most of the dashboard and system status page show combined statistics and information for both cluster members.
There are two pages that do not show combined information for both members.
These pages show information about traffic on the cluster master by default. To see information about the other cluster member, select the cluster member name from the drop-down list near the top of the page.
You can use the management IP address of the backup master to log into the Web UI of the backup master device. When you connect to the backup master, the configuration is always read-only, and you cannot save configuration changes. If you log in to the backup master with an account that has a Device Administrator role, you can use these upgrade, backup, and restore options on the backup master device:
On the backup master, you can also use these functions on the Dashboards:
When you connect to a backup master, the dashboards and system status pages show information only for that member, not for the entire cluster.
In the Fireware XTM Web UI handles backup/restore and OS upgrade functions for each cluster member individually.
You can use the Web UI to backup, restore, and upgrade cluster members, but we recommend you use Policy Manager to do these functions, if possible. Policy Manager automatically manages the backup, restore, and OS upgrades for all members of the cluster.
To backup and restore a device image for FireCluster members in the Web UI:
To upgrade the Fireware XTM OS for members of a FireCluster in the Web UI:
About WatchGuard FireCluster