Options

What does not work if you do not activate a new appliance?

NetwrkNinjaNetwrkNinja
in Firebox - Subscription Services

First off. I understand the reasoning behind activating a box... Warranty, software upgrades, security ect... I manage a few WG devices currently.

One thing I never really knew the answer or can find it easily is :
What does not work if you dont activate a new box?

Scenario: T20 Device.
Unit will be deployed out in a location not easily accessable. Without external WAN, no internet. Network devices need to talk to eachother locally only, for now. In the future we possibly will put a Cellular LTE modem out there for connection at which point I will then activate the device. We basically need a dumb switch at this point. But wish to use the T20 as the switch so we dont have to re-install equipment in this special environment.

Im attempting to bridge ETH1-4 adding each interface to the trusted bridge, nothing seems to ping across the bridge. I have used this feature before without problems. Albit on activated devices.
Would this be a limitation on not activating the device?

Comments

  • Options
    Bruce_BriggsBruce_Briggs

    The only one that happen to know is:
    . only 1 internal IP addr will be allowed to go to external

    Anything obvious in traffic Monitor when the ping is tried?

  • Options
    NetwrkNinjaNetwrkNinja

    @Bruce_Briggs not really, other than a bunch of errors and complaints that it cant call home and activate a license. All the apps / features are complaining there isn't a licesne. I turned on logging on the ping policy. I tried pinging from the diagnostic tasks in WSM. And it wont ping from the device itself either. I know its not my laptop / or windows firewall as, if I plug directly into the other device I can ping directly attached. The minute I plug back into the T20 no Pings through. Looking at the tree view / interfaces in the WSM the are no packets changing on the interfaces either.

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    -The device will only allow the first IP that attempts to get out to the internet, all others will be denied.
    -Features like multi-wan, IPSec BOVPNs, Mobile VPNs, and others will not work because no licensing data has been loaded.
    -No subscription services will work.

    The firewall's feature key is how it gets the license data, and you get that text file when you activate the device. Even if the device is expired, the feature key will still work and allow the device to act like a normal firewall.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.