How to enable email notifications on Multi-WAN Failures?
Hi everyone,
I'm trying to set up email notifications for Multi-WAN failures on our WatchGuard firewall and hoping someone can point me in the right direction.
We have two external WAN interfaces configured, and I want to receive an email alert whenever one of them goes down. Ideally, the alert would be triggered by the Link Monitor failing to ping its target and then treating that particular WAN interface as down, indicating a problem with the ISP connection.
We're using WatchGuard Cloud in monitor mode for our on-premises device. I've been looking through the documentation and settings, but haven't been able to figure out the exact steps to configure these email notifications.
Can anyone provide a detailed explanation or guide on how to achieve this? Specifically, I need to know:
How to configure email notifications based on Link Monitor failures.
Which settings need to be adjusted in WatchGuard Cloud (considering we're in monitor mode).
Are there specific logs or reports I need to enable to ensure the failure triggers the notification?
Any help would be greatly appreciated!
Thanks in advance!
Comments
Bzw Anleitungen wie du die entsprechenden Einstellungen setzen musst.
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/multiwan/multi_wan_adv_set_c.html
https://www.watchguard.com/help/docs/help-center/en-us/Content/en-US/WG-Cloud/notifications_configure-rules-firebox.html
Do these notifications on the box itself trigger an alert email if required via WatchGuard Cloud?
Probably not as pertinent for ITManager30's case, but also suggest configuring an additional alert for when a device either loses connection to, or reconnects to, WatchGuard Cloud.
In the multi-WAN case, this would be if say both interfaces lose connectivity - once the second/failover one loses connectivity, it has no way of sending the interface "alert" to WatchGuard Cloud to then trigger the email.
This is more or less the same if you have a single external interface.
Having an alert that a device loses connectivity to WatchGuard Cloud doesn't necessarily mean all external interfaces are down though usually is the case.
Thanks. Could you confirm that from within the WatchGuard Cloud Rules area, we just need to set up a Device Alarms type notification? And then once we've done this go into the on-premises box and enable the specific notifications we require?
Thanks, this is very helpful.
Am I right in saying that to set up the loss of cloud connection alert we simply need to enable to "Cloud Connection Status" rule from within WatchGuard cloud?
@Hero
I've enabled the email notifications box for on the multi-wan screen as well so hopefully that will do it!
Correct - if you setup alerting on that rule you'll get a notification when a device either is connected to or loses communication with WatchGuard Cloud itself.
(Adding a new device to WatchGuard Cloud will trigger that alert too as a guide since a device has technically "connected" to WatchGuard Cloud).
Thanks @PhilT_VIT. Does the same apply to other email notification tickboxes within the Firebox itself?
Those from memory fall under the "device alarm" category in WatchGuard Cloud - ie. the same alert channel that is used for say when an interface is down is the same one used when say your Firebox feature key is about to expire.
Thanks Phil.
All seems to be working good now.