SD-WAN if there is only 1 WAN network and 1 ISP ? Cloud Managed Firebox.
I saw a WatchGuard YouTube video that indicated that SD-WAN can be configured on a Firebox without Multi-WAN. And that would allow for some type of monitoring of Latency, Jitter, and Bandwidth. I tried to configure this today on a Cloud-Managed Firebox, but I got hung up where I had to choose either Failover or Round Robin. I don't want either, since there is only one ISP and one WAN network on the Firebox. Am I missing something ?
Best Answer
-
james.carson
Moderator, WatchGuard Representative
Hi @Al_Gomas
If you're not seeing bandwidth, I'd suggest ensuring that logging for reports it turned on for your policies.
If you're still not seeing bandwidth, I'd suggest opening a support case -- under most circumstances your firewall should be tracking that regardless of SD-WAN/Link Monitor being on or off.
-James Carson
WatchGuard Customer Support0
Answers
Hi @Al_Gomas
If you want to monitor Loss, latency, and jitter, you don't need to set up multi-wan. You just need to set a link monitor address.
If you're using policy manager, go to Network -> Configuration, and go to the Link Monitor tab.
-On the left side of the window under monitored interfaces, click Add.
-Select your external interface, and click OK.
-On the right side under Settings, click Add, and type in the address that you want the firewall to measure against, and click OK.
-Save the changes to the firewall.
If you're using WebUI, go to Network -> Link Monitor.
-Click Add.
-Select your external interface and click OK.
-Click the name of your external interface to configure it.
-On the top, where you see a table with "Type" and an add button, click Add.
-Set the target you want to use to measure and click OK.
-Save the changes to the firewall.
-James Carson
WatchGuard Customer Support
Thanks @james.carson.
Question: Is this do-able for a firewall that is cloud-managed ?
Hi @Al_Gomas
You should be able to enable link monitor by going to the configure tab.
-Under Devices, go to Device configuration.
-Under Networking, click the Networks link (it is right above the part that says 1 External, 1 Internal, 1 Guest (except it will say the numbers for your network(s).)
-Click your external network on the top of the page.
-Click the link monitoring tab
-Move the slider to enable link monitoring.
-Choose custom.
-Specify the target you want to monitor, and save. Remember to deploy your changes.
-James Carson
WatchGuard Customer Support
@james.carson
Hey James,
Thanks a bunch. I configured the Link Monitoring yesterday, but I was looking in the wrong place for the monitoring data. Found it now.
Is it possible to get the bandwidth info with only 1 physical WAN interface ?
I see it on a firewall that has two ISP connections coming into it - under Live Status > Networks > SD-WAN. Loss, Latency, Jitter, Bandwidth.
I really appreciate the help. Wanted to say that.
Visual Display of Bandwidth Usage (Bandwidth Meter) (FSM)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/fsm/visual_display_bandwidth_wsm.html?Highlight=bandwidth
Web UI -> Dashboard -> Interfaces
On the Interfaces page, you can see current bandwidth and detailed information for the active interfaces on your device. This includes wireless interfaces configured for your AP devices.
For reporting:
Include Performance Statistics in Log Messages (WSM)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/logging/perf_stat_logging_enable_disable_wsm.html
Configure Logging Settings & Performance Statistics (Web UI)
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/logging/logging_settings_configure_web.html?Highlight=bandwidth web ui
@james.carson
Thanks.
@Bruce_Briggs
Thanks.