With Web UI is Network->Interfaces right place?

Thanks to Bruce Briggs who helped me in September. It was just that I find.
Our ISP brought to our building fiber cable. Before we use Huawei 4G router to internet. We ordered the connection with static IP. They knew that we have Firebox T15 firewall and they installed Zhone fiber converter which to replace Huawei 4g router in the future. I got information: IP: aaa.bbb.ccc.206, mask:, GW: aaa.bbb.ccc.193 DNS1: aaa.bbb.ccc.2 DNS2: aaa.bbb.ccc.3. In all fields aaa,bbb,ccc are same numbers.
I'm novice with firebox. I guess to start in Web UI network->interface and edit external IPv4 configuration mode and change DHCP to static IP and use IP address aaa.bbb.ccc.206 but what are other fields to fill? Or can I find the exact point from menu where put these IP values?


  • When you change the external interface type to Static IP addr, the menu changes.
    Just add the new external IP addr, subnet mask, & gateway addr, then Save

    subnet mask of = /27

  • Bruce thanks from that answer I went forward. Now one computer which was on went to internet and we can measured the velocity 100/100 that was ok. Those other computers cannot find the intenet. The internal network which use -255 trusted pool was ok and two fileservers were found in but access to the internet fails.
    I think that the best is clear all set all new. What is the best way clear all? At first I set static ip as you tell me trough network->interfaces menu. How I then crate the trusted set of IP numbers from class 10.50.1.x. I think that I have lost dns servers and perhaps DHCP server

  • What do you see in Traffic Monitor which indicates issues?

  • edited March 2020

    In Network -> Interfaces -> DNS/WINS, add your ISP's DNS server IP addr or, which is a Google DNS server IP addr

    On a problem PC, open a CMD box and enter:
    ipconfig /all
    That will show you the IP addr of the client, the Gateway addr & the DNS server IP addr

  • Also try power off/on of problem PCs to see if that clears issues.

  • After eight hours I go to the building where firebox is and I can see traffic monitor and anser exactly all questions. I can add for example Googles DNS. I think that I have forgotten whole field. I did power off/on of all switches and PC's. only one PC works and others ten did'nt had access to the internet. Other PC works in the internal network Excel works you can print and file servers works. With ipconfig I saw old mask and old gateway, what I wonder.

  • What is providing DHCP to those PCs?
  • That's a good question I have taught that it's firebox from pool from trusted area and gateway have been from Huawei new gateway I gave to new static IP area. I go to the building and put DNS as you tell DNS/WINS area

  • I added ISP's DNS servers names in Network->Interfaces->DNS/WINS
    When I done this I noticed that mode is "Mixed routing mode" is that correct?

  • Yes
    Why are PCs getting the Huawei IP address?

  • What was your exact setup before the ISP changed? You stated, "Before we use Huawei 4G router to internet." You then mentioned that you have a T15. I am assuming from you "they installed Zhone fiber converter which to replace Huawei 4g router in the future" comment that the Huawei 4G router provided Internet access, and that the T15 was connected on its WAN port to the Huawei 4G router.

    Is that correct, so that the flow from outside to inside was Internet > Huawei router > T15 WAN port > T15 LAN port > internal switches > computers, printers, etc.?

    If the above is true, and now you have a fiber connection to the T15 instead of the Huawei router connecting to the T15's WAN port, then you should not change anything on the LAN side of the T15.

    The normal process of changing an ISP is to just change the WAN interface.

    Also, I highly recommend using Policy Manger to make backups and changes rather than using the web UI.

    Gregg Hill

  • I explain the situation imperfectly the Huawei ip-address are in the other computers which have not yet get new IP address and they have the wrong old one.
    In the morning I installed new ISP's DNS as you advised and after that I launch PC in the new office where Firebox T15 and fiber cable and little 8-port switch and the other devices are. All went fine the internet opened and I print ipconfig /all list 2,5 pages in the second page "Ethernet adapter Ethernet:" IPv4 Address preferred, mask, lease obtained 29.3.2020 13:21:13 (UTC-2), Lease expires 29.3.2020 21:21:13, default gateway DHCP server and DNS servers are the same as I gave one hour before. I think that watchguard firebox is OK. Thanks to you!
    I have still the problem. My computer which I set firebox with Web UI, through the same switch, don't find the internet after I reboot it In that computer have realtek ethernet controller but it works elsewhere.

  • What do you see in Traffic Monitor for the IP addr of your computer?
    Are the IP addr, default gateway & DNS server correct for it?

  • There is a REASON that I asked "What was your exact setup before the ISP changed?" It helps us know what you had that worked, and what is now messed up. Please do not ignore any of the questions, and when you answer, please answer precisely.

    Before the change, what was your internal network subnet?

    Did you have the T15 in the pre-change setup, i.e., was your setup: Internet > Huawei router > T15 WAN port > T15 LAN port > internal switches > computers, printers, etc.?

    Or was it: Internet > Huawei router > internal switches > computers, printers, etc.?

    If the T15 was not in the original setup and it's new, have you activated the T15 and installed the feature key? If not, I believe that only one computer will get Internet access.

    Do you have a peer-to-peer workgroup internal network, or do you have a Windows domain? That will determine what INTERNAL DNS you should use.

    You have mentioned two different subnets, Huawei and now subnet. Why did you change the internal subnet?

    Gregg Hill

  • Hi Gregg I try to answer you questions. We have the setup: Internet > Huawei router > T15 WAN port > T15 LAN port > internal switches (2) > computers, printers, etc.
    When we bought T15 we thought that we install it to fiber cabel. We have been waiting from august ISP's fiber and lasr friday we got it. Unti then we have used 4G mobile technique and Huawei router. T15 was from the beginning because we must get 10.50.1.x internal ip-numers. The situation what was before the ligtning accident when adsl connection were broken. I've gone nuts in my words all the time the subnet has been (pool 2-255) gateway was from Huawei. At the beginning I have activated T15 and installed features key. We don't have a domain only the msworkgroup. The physical transformation that I had made. I take rl45 cable from Hyawei port and put it to zhone fiber converter port. The other end of the cable went out from T15 wan port.. Only changes that I had made are network->interfaces static ip, mask and gateway and dns/wins point Iset both DNS1 and DNS2. II haven't made any changes to trusted internal network.
    I hope that this clears the situation.
    Is watchguard system manager software the same as policy manager software? I try use that at the beginning but I couldn't get started and I have used Web UI.

  • A Fiber converter usually has a fiber connection and an Ethernet connection - it converts fiber <-> Ethernet.
    I would expect that your new fiber connection is your new ISP connection.
    Is the Huawei router still needed? Your ISP should tell you what is needed for connection to them.

  • In the morning I went to the T15 building and all works fine. Everybody has access to the internet and printing is working and file servers works.Menu thanks Bruce and Gregg you were very patient and kind to the novice with T15 .Maybe DNS takes time to start working.

  • Your "The physical transformation" description is precisely what we needed to know and is all you should have needed to do, i.e., just change the WAN interface settings and the physical connection of its cables.

    Yes, DNS can take some time to change, but doing an "ipconfig /flushdns" at a command prompt or just rebooting will clear a workstation's DNS cache. You may want to look into using a filtering DNS servers such as OpenDNS or CleanBrowsing.org DNS server to provide an extra layer of protection if you don't have DNS Watch set up.

    Policy Manager is a part of the WatchGuard System Manager download. To me, it is FAR SUPERIOR to managing via the web UI.

    Gregg Hill

Sign In to comment.