New User, Watchguard T20, wired set-up only.

justthewayitis

I'm new to firewall appliances.

I'm using my box for it's abilities as a firewall and router. I followed the "Quick Start Guide" and the basic operation worked as expected out of the box... except once I had registered the product, downloaded the keys (copy and paste) and upgraded the OS, I was under the impression the other 3 ports would allow traffic that was connected to them, they are not. (default allowed one line or computer through for all the actions needed to register the box and software)

Again I'm new and I'm sure it's something simple, but searching for start up answers has not been very successful for me, I might be asking the wrong questions?

When on the web UI for my box, what category should I be in for turning the other three ports on to accept traffic from my other computers and printer?

Thank you for any help.

james.carson

Hi @justthewayitis

By default, the other ports won't be configured. The firewall is basically waiting for you to tell it what you want to do with them.

-By default, your trusted network will be configured to an interface. If you want the other ports to be different networks, you'll just need to configure those too.
See:
(Common Interface Settings)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/networksetup/interfaces_config_c.html

-If you want the ports to all be on the same network, you'll need to make your network into a bridge, and assign the interfaces to that. I would suggest using the WatchGuard System Manager application (WSM) to do this, as it allows you to do all these steps at once.
See:
(Create a Network Bridge Configuration)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/networksetup/net_config_bridge_create_c.html

(Assign a Network Interface to a Bridge)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/networksetup/net_config_bridge_assign_c.html

As the firebox is essentially emulating a switch with a bridge interface, there's a bit of overhead involved, and it won't be as fast as a dedicated network switch. If you're looking to copy files, etc on the regular, I'd suggest just plugging a switch into port 1 and plugging your devices into that.

TestingTester

IMO, and after having done new devices time and again (and speaking MANY times with WG support). Make your interfaces VLAN, you end up with many more options in the end.

justthewayitis

@james.carson said:
Hi @justthewayitis

By default, the other ports won't be configured. The firewall is basically waiting for you to tell it what you want to do with them.

-By default, your trusted network will be configured to an interface. If you want the other ports to be different networks, you'll just need to configure those too.
See:
(Common Interface Settings)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/networksetup/interfaces_config_c.html

-If you want the ports to all be on the same network, you'll need to make your network into a bridge, and assign the interfaces to that. I would suggest using the WatchGuard System Manager application (WSM) to do this, as it allows you to do all these steps at once.
See:
(Create a Network Bridge Configuration)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/networksetup/net_config_bridge_create_c.html

(Assign a Network Interface to a Bridge)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/networksetup/net_config_bridge_assign_c.html

As the firebox is essentially emulating a switch with a bridge interface, there's a bit of overhead involved, and it won't be as fast as a dedicated network switch. If you're looking to copy files, etc on the regular, I'd suggest just plugging a switch into port 1 and plugging your devices into that.

Thank you for getting the info to me, that was the help I needed and straight to the point. System is up and running.