Configure Gateway Wireless Controller Settings

The Gateway Wireless Controller includes some settings that apply to all AP devices. These global settings include:

To configure the global Access Point settings on the Gateway Wireless Controller:

  1. Select Network > Gateway Wireless Controller.
    The Gateway Wireless Controller page appears.
  2. Select the Settings tab.
    The Settings page appears.

Screen shot of the Access Point Settings tab

  1. Configure the global AP device settings as described in the subsequent sections.
  2. Click Save.

Change the WatchGuard AP Passphrase

The WatchGuard AP Passphrase is used for all WatchGuard AP devices after they are paired with your XTM device. The Gateway Wireless Controller uses this passphrase to establish connections between the XTM device and the paired AP devices. This is also the passphrase you use to log in to the Access Point web UI of a paired AP device. You set the WatchGuard AP passphrase when you enabled the Gateway Wireless Controller.

To change the WatchGuard AP passphrase:

  1. In the WatchGuard AP Passphrase text box, type the passphrase to use for management of all AP devices.
  2. To make the passphrase you type visible, select Show passphrase.

Enable Automatic AP Device Firmware Updates

By default, the Gateway Access Controller is configured to automatically update the firmware on WatchGuard AP devices when a new version is available. The XTM device receives AP device firmware updates as part of a Fireware XTM OS update. If you update the Fireware XTM OS on your XTM device, and that update contains new firmware for the AP devices, the default setting enables the Gateway Wireless Controller to automatically update the firmware on all paired AP devices. If your XTM device is paired to more than one AP device, the Gateway Wireless Controller automatically updates the AP devices one at a time. The Gateway Wireless Controller updates one AP device every five minutes. The AP device power LED will flash red while the device is upgraded.

To disable automatic firmware updates:

Clear the Automatically update WatchGuard AP firmware when a new version is available on the XTM device check box.

If you disable automatic firmware updates, you can manually update the firmware for each AP device. For more information, see Update AP Device Firmware.

Configure Syslog Settings

By default, each AP device automatically stores recent syslog log messages locally. You can see the syslog messages stored on each AP device in Fireware XTM Web UI. For more information about how to see syslog messages for an AP device, see WatchGuard AP Device and Wireless Client Connections (Gateway Wireless Controller)

You can also configure all your AP devices to send syslog messages to the same, external syslog server. When you configure the syslog server in the Gateway Wireless Controller settings, all paired AP devices send syslog messages to the specified server.

Before you configure the Gateway Wireless Controller settings for an external syslog server, make sure the syslog server you specify is set up and your AP devices can connect to the IP address of the syslog server.

To configure your AP devices to send log messages to an external syslog server:

  1. Select the Send WatchGuard AP log messages to a syslog server check box.
  2. In the Syslog server IP address text box, type the IP address of the syslog server.

Enable Management VLAN Tagging

You can optionally use a tagged VLAN for management connections to the AP device. You can enable VLAN tagging for each AP device in the configuration for each AP device, or you can enable it in the Gateway Wireless Controller settings. If you want to use the same management VLAN ID for all paired access points, it might be most convenient to set the VLAN ID in the Gateway Wireless Controller settings.

If you enable management VLAN tagging in the Gateway Wireless Controller settings, you do not need to enable management VLAN tagging for each AP device. The XTM device uses the management VLAN ID specified in the Gateway Wireless Controller settings for management traffic to all AP devices, if management VLAN tagging is not enabled in the AP device settings.

To enable management VLAN tagging for all AP devices:

  1. Select the Enable Management VLAN Tagging check box.
  2. In the Management VLAN ID text box, type the VLAN ID you want to use for management. This must be a VLAN that is configured to handle tagged traffic to the interface your AP devices connect to.

If you specify a management VLAN ID in the configuration settings for an AP device, the XTM device uses the VLAN ID configured for the AP device instead of the VLAN ID specified in the Gateway Wireless Controller settings.

Set the Wireless Radio Region

WatchGuard AP devices automatically select the best radio channel to use from the allowed channels in the region where the device is located. To use the correct radio channels, you must select the location of your AP devices. All AP devices managed by the same XTM device use the same wireless radio region.

To set the wireless radio region:

From the Set the location of the WatchGuard AP devices drop-down list, select the country where your AP devices are located.

Enable SSH Access

Secure SSH access to wireless AP devices is used by WatchGuard Technical Support to help troubleshoot issues with the AP device. Enable this option only if requested by technical support.

To allow SSH access on all AP devices, select the Enable SSH access on all WatchGuard APs check box.

Configure MAC Access Control

In the MAC Access Control section, you can configure a list of denied or allowed MAC addresses for your AP devices.

To configure a list of denied or allowed MAC addresses for your AP devices:

From the Settings dialog box, select the MAC Access Control tab.

For more information, see Configure MAC Access Control.

See Also

Configure AP Device Radio Settings

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base