As a loyal WatchGuard customer, I’m sure that you’re aware that WatchGuard is growing! To address your future needs, WatchGuard Customer Support is changing the way our technicians connect to your WatchGuard appliance while working on a support case.
New Option to Enable Support Access
Over the years, you have used a list of IP addresses in a WatchGuard policy to grant our technicians access to a Firebox or XTM appliance to troubleshoot issues. For added security and ease of granting WatchGuard Support access, we have added an additional Support Access feature to Fireware v12.0.1. The Support Access option enables WatchGuard Support to connect to your Firebox with read-only permission. It adds a temporary user account with read-only permission and a temporary hidden policy that allows connections to the Firebox from ts.watchguard.com. You can automatically generate credentials or specify a user name and password to provide to your WatchGuard support representative. You can also define an expiration for the temporary Support Access account. Options for support access account expiration include:
- None (no expiration)
- 3 months
- 1 month
- 1 week
- 1 day
New Connection IP Network Address
Appliances that run Fireware v12.0 or earlier will continue to use the WatchGuard policy configuration process, which involves adding specific IP addresses and ranges to the WatchGuard policy. WatchGuard Support is migrating to a new public subnet as part of an IT infrastructure change. For instructions on updating or setting up your WatchGuard policy configuration please see the knowledge base article #10426: Allow WatchGuard Support to connect to your Firebox. As you migrate to Fireware v12.0.1 and higher software versions, please begin using the more secure and easy-to-use Support Access process to provide read-only access to your Firebox when working on support cases. For more detailed information on the Support Access feature, please see the online documentation.