Working with the QuickSetup Wizard
8
WatchGuard Firebox System
Characteristics of a drop-in configuration:
• A single IP network not subdivided into smaller IP networks.
• The Firebox performs proxy ARP.
• All trusted computers must have their ARP caches flushed or timed out.
• All three Firebox interfaces are assigned the same IP address.
• The IP addresses of secondary networks are listed in the configuration file.
Routed mode
A routed network configuration is for situations where the Firebox is put in place
with separate logical networks on its interfaces. It assigns separate network addresses
to at least two of the three Firebox interfaces.
Characteristics of a routed configuration:
• There is more than one network recognized by the Firebox.
• You can relate different networks to different interfaces. Those networks then
come under the protection and access rules set up for that interface.
• Each interface must be on a separate logical network.
• If there are more than three networks, additional networks are added as
secondary networks.
• If there are only two networks behind the Firebox and you want to use the
routed configuration, use only the External and Trusted interfaces (do not use
the Optional interface).
Entering the Firebox IP address
On the wizard’s next screen, you enter the IP address for each Firebox interface and
specify whether you have an additional network on each interface.
Firebox Interface
: In a drop-in configuration, because all three interfaces share the
same IP address, you need to enter only one address. In a routed configuration,
however, each of the three Firebox interfaces has a different IP address. You need to
enter the IP address for each interface.
Unused IP:
If you have a secondary network on the Trusted interface, enable the
checkbox labeled
I have an additional non-routed network behind my Firebox
.
Enter an unused IP address on the secondary network.
Entering IP addresses
To type in your IP address, type the digits and periods in sequence. Do not use the
TAB key to jump past the periods.
If your address has a network mask, use slash notation to enter it. For information on
using slask notation, click the Help button on this screen.
Entering the Firebox default gateway
On the wizard’s next screen, enter the IP address of the default gateway to the
Firebox. This must be the IP address of your Internet router. Also, this IP address
