WSM User Guide - WatchGuard Technologies
WSM User Guide - WatchGuard Technologies WSM User Guide - WatchGuard Technologies
Backing up or Restoring the Management Server Configuration2 Click the Certificates tab.3 Type the Distribution IP Address for the Certificate Revocation List (CRL).By default, this is the address of the gateway Firebox. This is also the IP address the remote managed Firebox clientsuse to connect to the Management Server. If the external IP address of your Firebox changes, you must change thisvalue.4 Type the Publication Interval for the CRL in hours. This is the period after which the CRL isautomatically published.The default setting is zero (0), which means that the CRL is published every 720 hours (30 days). The CRL is alsoupdated after a certificate is revoked.5 Click OK when you complete the configuration.Recording diagnostic log messages for the Certificate Authority serviceTo have the Management Server send diagnostic log messages to the Windows Event Viewer, click theCertificates tab. Select the Debug CA Service log messages check box. To see the log messages, openthe Windows Event Viewer.Backing up or Restoring the Management Server ConfigurationThe Management Server contains the configuration information for all managed Firebox® X Edge andVPN tunnels. It is a good idea to create regular and frequent backup files for the Management Serverand keep them in a safe place. You can use this backup file to restore the Management Server in case ofhardware failure. You can also use this backup file if you want to move the Management Server to a new204 WatchGuard System Manager
Moving the WatchGuard Management Server to a New Computercomputer. To use the backup file after it is created, you must know the master encryption key. The masterencryption key is set when you first configure the Management Server.1 From your Windows toolbar, right-click the Management Server icon and select Stop Service.2 From your Windows toolbar, right-click the Management Server icon and select Backup/Restore.The Management Server Backup/Restore Wizard starts. Use the onscreen instructions to create a backup file orrestore a Management Configuration from a backup file.3 When the procedure is complete, right-click the Management Server icon on your Windows toolbarand select Start Service.Moving the WatchGuard Management Server to a New ComputerTo move the Management Server to a new computer, you must know the master encryption key. Youmust also make sure that the new Management Server is given the same IP address as the former ManagementServer.1 Use the Management Server Backup/Restore Wizard to:- Create a backup file of your current Management Server configuration.- Install the Management Server software on the new Management Server.- Use the WatchGuard® System Manager installation file and install the Management Serversoftware.2 Run the Restore wizard and select the backed up file.3 From the Windows toolbar, right-click the Management Server icon and select Start Service.User Guide 205
- Page 172 and 173: Configuring Policy PropertiesRepeat
- Page 174 and 175: Configuring Policy PropertiesSettin
- Page 176 and 177: Setting Policy Precedence2 Traffic
- Page 178 and 179: Setting Policy Precedence160 WatchG
- Page 180 and 181: Defining RulesThe fields you use fo
- Page 182 and 183: Customizing Logging and Notificatio
- Page 184 and 185: Configuring the SMTP ProxyConfiguri
- Page 186 and 187: Configuring the SMTP Proxyand 8-bit
- Page 188 and 189: Configuring the SMTP ProxyDefining
- Page 190 and 191: Configuring the FTP Proxy2 For info
- Page 192 and 193: Configuring the HTTP ProxyConfiguri
- Page 194 and 195: Configuring the HTTP ProxyBrowsers
- Page 196 and 197: Configuring the HTTP ProxyThis rule
- Page 198 and 199: Configuring the DNS ProxyConfigurin
- Page 200 and 201: Configuring the DNS ProxyAdding a n
- Page 202 and 203: Configuring the TCP Proxy184 WatchG
- Page 204 and 205: Creating and Editing ReportsStartin
- Page 206 and 207: Setting Report Properties“yesterd
- Page 208 and 209: Exporting ReportsSetting report pro
- Page 210 and 211: Using Report FiltersExcludeTo make
- Page 212 and 213: Report Sections and Consolidated Se
- Page 214 and 215: Report Sections and Consolidated Se
- Page 216 and 217: WatchGuard Management Server Passph
- Page 218 and 219: Changing the Management Server Conf
- Page 220 and 221: Configuring the Certificate Authori
- Page 224 and 225: Moving the WatchGuard Management Se
- Page 226 and 227: Managing Devices with the Managemen
- Page 228 and 229: Managing Devices with the Managemen
- Page 230 and 231: Managing Devices with the Managemen
- Page 232 and 233: Adding Devices to the Management Se
- Page 234 and 235: Using the Device Management Page17
- Page 236 and 237: Using the Device Management PageCon
- Page 238 and 239: Monitoring VPNsAdding a Firebox VPN
- Page 240 and 241: PKI in a WatchGuard VPNPKI in a Wat
- Page 242 and 243: Managing the Certificate Authority2
- Page 244 and 245: Tunneling ProtocolsVirtual private
- Page 246 and 247: IP Addressingsecurity of the networ
- Page 248 and 249: Network TopologyThis topology is th
- Page 250 and 251: WatchGuard VPN SolutionsSplit tunne
- Page 252 and 253: VPN Scenarios• You make tunnels b
- Page 254 and 255: VPN ScenariosSmall Company Using Ex
- Page 256 and 257: Adding VPN Resourcesapplies a VPN r
- Page 258 and 259: Making Tunnels Between Devices3 To
- Page 260 and 261: Removing Tunnels and Devices2 Expan
- Page 262 and 263: Configuring a GatewayTo configure t
- Page 264 and 265: Making a Manual Tunnel18 When you c
- Page 266 and 267: Making a Manual Tunnel7 From the Ty
- Page 268 and 269: Making a Tunnel Policy2 Make the ch
- Page 270 and 271: Setting up Outgoing Dynamic NAT thr
Backing up or Restoring the Management Server Configuration2 Click the Certificates tab.3 Type the Distribution IP Address for the Certificate Revocation List (CRL).By default, this is the address of the gateway Firebox. This is also the IP address the remote managed Firebox clientsuse to connect to the Management Server. If the external IP address of your Firebox changes, you must change thisvalue.4 Type the Publication Interval for the CRL in hours. This is the period after which the CRL isautomatically published.The default setting is zero (0), which means that the CRL is published every 720 hours (30 days). The CRL is alsoupdated after a certificate is revoked.5 Click OK when you complete the configuration.Recording diagnostic log messages for the Certificate Authority serviceTo have the Management Server send diagnostic log messages to the Windows Event Viewer, click theCertificates tab. Select the Debug CA Service log messages check box. To see the log messages, openthe Windows Event Viewer.Backing up or Restoring the Management Server ConfigurationThe Management Server contains the configuration information for all managed Firebox® X Edge andVPN tunnels. It is a good idea to create regular and frequent backup files for the Management Serverand keep them in a safe place. You can use this backup file to restore the Management Server in case ofhardware failure. You can also use this backup file if you want to move the Management Server to a new204 <strong>WatchGuard</strong> System Manager