,

Firebox System Manager (FSM) Tips and Tricks

,

Firebox System Manager (FSM) is one of the tools available through WatchGuard System Manager (WSM).  FSM is a live monitoring tool that can be used for troubleshooting or diagnostic purposes.  If using this tool, there are several tips and tricks to be aware of to make usage much more effective.

Interface Monitoring

Tab: Front Panel

The ability to properly monitor interfaces can be useful if setting up a new interface, or checking an external connection’s status.  You can expand the interfaces on your Front Panel to see more details about them.  External connections will either show Available or Failed.  You can also monitor sent and received packets to determine if traffic is flowing.

Front Panel Interface monitoring

Traffic Logs

Tab: Traffic Monitor

The Traffic Monitor tab is where you can see your firewall’s traffic logs.  There are a few tricks when reviewing traffic logs that may make deciphering the information easier.

  • Right-click in the Traffic Monitor window and select Settings. Set Maximum Log Messages to 25 to show as many cached logs at a time as the firewall allows.

  • Right-click in the Traffic Monitor window and select Settings. Check the box for Show Log Field Names to add in the log field description in log lines.

  • Any field listed can have its color changed to make it more visible when reading log messages. We recommend highlighting the Destination Port field in both the Traffic Allowed and Traffic Denied tabs.

Traffic Monitor tab selected in Settings

Diagnostic Tools

Tools > Diagnostic Tasks

There are several tasks you can run from the firewall to help with troubleshooting.  These can be found in FSM under Tools > Diagnostic Tasks.  From here you can ping, do a traceroute, perform a DNS lookup and run a packet capture/TCP dump.

  • You can check the box for Advanced Options at the bottom of the window to open up additional capabilities.

  • If you are trying to ping across one of the firewall’s BOVPNs, set Advanced Options and use the command:
    -I <Interface connected to the BOVPN> <IP to Ping>
    Example: -I -eth1 192.168.1.1

  • If you need to run a packet capture, select TCP Dump. Check Advanced Options, and check the box to Stream data to a file. This will save the packet capture to your computer so you can open in a program like Wireshark.

Diagnostic Task with Network tab selected

(888) 897-9680

Charlotte, NC - HQ • Columbia, SC • Raleigh, NC • Kansas City, MO • Philadelphia, PA • Tampa, FL