WatchGuard Firebox System 7.0 User Guide
WatchGuard Firebox System 7.0 User Guide WatchGuard Firebox System 7.0 User Guide
Chapter 5: Using Policy Manager to Configure Your NetworkConfiguring Out-of-Band ManagementYou use the OOB tab on the Network Configuration dialogbox to enable the management station to communicatewith a Firebox by way of a modem (not provided with theFirebox) and telephone line. For information on configuringout-of-band management, see Chapter 17, “Connectingwith Out-of-Band Management.”Defining a Firebox as a DHCP ServerDynamic Host Configuration Protocol (DHCP) is an Internetprotocol that simplifies the task of administering alarge network. A device defined as a DHCP server automaticallyassigns IP addresses to network computers froma defined pool of numbers. You can define the Firebox as aDHCP server for the customer network behind the firewall.One parameter that you define for a DHCP server is leasetimes. This is the amount of time a DHCP client can use anIP address that it receives from the DHCP server. When thetime is close to expiring, the client contacts the DHCPserver to renew the lease.Note that the Firebox should not be used to replace anenterprise DHCP server. If you already have a DHCPserver configured, you should continue to use that serverfor DHCP.From Policy Manager:1 Select Network => DHCP Server.The DHCP Server dialog box appears, as shown in the followingfigure.66 WatchGuard Firebox System
Defining a Firebox as a DHCP Server2 Select the Enable DHCP Server checkbox.3 Enter the default lease time for the server.The default lease time is provided to clients that do notspecifically request times.4 Enter the maximum lease time.The maximum lease time is the longest time the server willprovide for a client. If a client requests a longer time, the requestis denied and the maximum lease time is provided.Adding a new subnetTo make available (private) IP addresses accessible toDHCP clients, add a subnet. To add a new subnet, youspecify a range of IP addresses to be assigned to clients onthe network. For example, you could define the addressrange from 10.1.1.10 to 10.1.1.19 to give clients a pool of 10addresses. From Policy Manager:1 Select Network => DHCP Server.2 Click Add.The DHCP Subnet Properties dialog box appears, as shown in thefollowing figure.User Guide 67
- Page 37 and 38: WatchGuard Users GroupGuard Technic
- Page 39 and 40: Online Helpto display a list of top
- Page 41 and 42: Assisted Supportto assist you in ma
- Page 43 and 44: Training and Certificationto speed
- Page 45 and 46: CHAPTER 3Getting StartedThe WatchGu
- Page 47 and 48: Gathering Network InformationNetwor
- Page 49 and 50: .Gathering Network InformationThe f
- Page 51 and 52: Selecting a Firewall Configuration
- Page 53 and 54: Selecting a Firewall Configuration
- Page 55 and 56: Selecting a Firewall Configuration
- Page 57 and 58: Selecting a Firewall Configuration
- Page 59 and 60: Setting Up the Management Station4
- Page 61 and 62: Cabling the FireboxUser Guide 39
- Page 63 and 64: Running the QuickSetup WizardProvid
- Page 65 and 66: Entering IP addressesRunning the Qu
- Page 67 and 68: What’s Nextservices, in addition
- Page 69 and 70: CHAPTER 4Firebox BasicsThis chapter
- Page 71 and 72: Opening a Configuration FileTrusted
- Page 73 and 74: Saving a Configuration File3 From t
- Page 75 and 76: Resetting Firebox Passphrasesenter
- Page 77 and 78: Setting the Time Zone2 Select the m
- Page 79 and 80: CHAPTER 5Using PolicyManager toConf
- Page 81 and 82: Setting IP Addresses of Firebox Int
- Page 83 and 84: Setting DHCP or PPPoE Support on th
- Page 85 and 86: Defining External IP Aliases2 Confi
- Page 87: Entering WINS and DNS Server Addres
- Page 91 and 92: Adding Basic Services to Policy Man
- Page 93 and 94: Configuring Routes3 Click the Net o
- Page 95 and 96: CHAPTER 6Managing andMonitoring the
- Page 97 and 98: Viewing Basic Firebox StatusThe top
- Page 99 and 100: Viewing Basic Firebox Statusbut the
- Page 101 and 102: Viewing Basic Firebox Status• The
- Page 103 and 104: Monitoring Firebox TrafficSetting t
- Page 105 and 106: Performing Basic Tasks with System
- Page 107 and 108: Performing Basic Tasks with System
- Page 109 and 110: Viewing Bandwidth Usage(shown above
- Page 111 and 112: Viewing Details on Firebox Activity
- Page 113 and 114: Viewing Details on Firebox Activity
- Page 115 and 116: Viewing Details on Firebox Activity
- Page 117 and 118: Viewing Details on Firebox Activity
- Page 119 and 120: HostWatchHostWatchHostWatch is a re
- Page 121 and 122: HostWatch3 Enter the Firebox status
- Page 123 and 124: CHAPTER 7Configuring NetworkAddress
- Page 125 and 126: Using Simple Dynamic NATService-bas
- Page 127 and 128: Using Simple Dynamic NAT3 Use the T
- Page 129 and 130: Using Service-Based Dynamic NATEnab
- Page 131 and 132: Configuring a Service for Incoming
- Page 133 and 134: Using 1-to-1 NATA one-to-one mappin
- Page 135 and 136: CHAPTER 8Configuring FilteredServic
- Page 137 and 138: Selecting Services for your Securit
Chapter 5: Using Policy Manager to Configure Your NetworkConfiguring Out-of-Band ManagementYou use the OOB tab on the Network Configuration dialogbox to enable the management station to communicatewith a <strong>Firebox</strong> by way of a modem (not provided with the<strong>Firebox</strong>) and telephone line. For information on configuringout-of-band management, see Chapter 17, “Connectingwith Out-of-Band Management.”Defining a <strong>Firebox</strong> as a DHCP ServerDynamic Host Configuration Protocol (DHCP) is an Internetprotocol that simplifies the task of administering alarge network. A device defined as a DHCP server automaticallyassigns IP addresses to network computers froma defined pool of numbers. You can define the <strong>Firebox</strong> as aDHCP server for the customer network behind the firewall.One parameter that you define for a DHCP server is leasetimes. This is the amount of time a DHCP client can use anIP address that it receives from the DHCP server. When thetime is close to expiring, the client contacts the DHCPserver to renew the lease.Note that the <strong>Firebox</strong> should not be used to replace anenterprise DHCP server. If you already have a DHCPserver configured, you should continue to use that serverfor DHCP.From Policy Manager:1 Select Network => DHCP Server.The DHCP Server dialog box appears, as shown in the followingfigure.66 <strong>WatchGuard</strong> <strong>Firebox</strong> <strong>System</strong>