Upgrade Instructions for Firebox X Edge OS v10.2.9 or Higher to Fireware XTM v11.x
Posted by Samuel Turi on 03 May 2011 10:57 AM

Upgrade Instructions for Firebox X Edge OS v10.2.9 or Higher to Fireware XTM v11.x


Before you install the WSM and Fireware XTM v11.x software, read the release notes carefully. It's also a good idea to review the "What's New" presentation for a more detailed description of changes in Firebox functionality. You can find the "What's New" presentations as part of the documentation set at www.watchguard.com/help/documentation/fireware.asp.

To upgrade your Firebox X Edge e-Series to Fireware XTM from Edge v10.x or earlier, you must have Edge v10.2.9 or higher installed on your Edge. Any Edge devices that are centrally managed with a WatchGuard Management Server must be updated individually using this process. You cannot use the Scheduled Firmware Updates feature to update a device from Edge v10.x to Fireware XTM v11.x.


Upgrade your Firebox X Edge e-Series v10.2.9 or higher to Fireware XTM v11.x
Your Edge must have Firebox X Edge v10.2.9 or higher installed before you can upgrade to Fireware XTM v11.x. To upgrade your Edge, connect to your Edge from a Windows-based computer on a local (not routed) network behind the Edge on which you have administrator privileges. You can also upgrade your Edge from a computer on an external network (see the specific instructions below for more information).
The Update Wizard updates the operating system on your Edge and converts your Edge configuration to be compatible with Fireware XTM. The wizard converts all predefined and custom policies, security subscriptions, authentication settings, network settings, NAT settings, branch office VPNs, default threat protection settings, and logging and time settings. If you do not use the wizard (i.e. if you update directly from the v10.2.9 or higher web interface using the "sysa-dl" file), your configuration is not converted and your Edge reverts to its default configuration when the upgrade to Fireware XTM is complete. It is also important to understand:

  • The new Web UI is available only on port 8080 by default. You can change this port in the Web UI after you complete the Update Wizard. To connect to the Edge after it has been successfully updated, you must connect to the Edge with this URL: http://<IP address of your Edge>:8080
  • The default credentials for the Edge are: admin/readwrite and status/readonly. After you upgrade your Edge to Fireware XTM, you must use the user name admin when you want to log in to the Edge with read/write privileges.
  • After you upgrade your Edge from v10.2.9 or higher to v11.x, you must enable each type of Mobile VPN that you used in your previous Edge configuration again. This includes Mobile VPN with IPSec, SSL, or PPTP.
  • The Update Wizard does not convert some features. After you finish this procedure, examine your configuration for the following features, which are not converted by the Update Wizard:
    • MAC access control lists
    • Traffic Management
    • VLANs
    • Modem settings
    • Mobile VPN with IPSec
    • Mobile VPN with SSL
    • Mobile VPN with PPTP
    • NAT loopback
    • SNMP
    • Single Sign-On
       

To upgrade your Firebox X Edge from v10.2.9 or higher to Fireware XTM v11.x from a local Windows computer

  1. Connect to your Edge System Status page and select Administration > Backup to back up your existing Edge configuration file.
  2. Run the edge_11_3_x.exe file you downloaded from the software download site. The Firebox X Edge Update Wizard starts.
  3. Use the Firebox X Edge Update Wizard to load Fireware XTM v11.3.x on your Edge and convert your configuration file to v11.3.x. This upgrade can take as much as 10 minutes. Do not disconnect the power to your Edge during the upgrade.
  4. When the wizard is complete, you can connect to the Fireware XTM Web UI on your Edge with the URL http://<IP address of Edge>:8080.
  5. If you want to use WSM and Policy Manager with your Edge, you must install WSM software. To install WSM, download the WSM11_Xs.exe file from the software download site.
     

To upgrade your Firebox X Edge from v10.2.9 or higher to Fireware XTM v11.x from a local non-Windows computer
If you upgrade your Edge to Fireware XTM from a non-Windows-based computer or from any computer using the XTM_edge_11_3_x.zip file, your Edge configuration will be reset to its factory default settings when the upgrade is complete.

  1. Connect to your Edge System Status page and select Administration > Backup to back up your existing Edge configuration file.
  2. Decompress the XTM_edge_11_3_x.zip file you downloaded from the software download site.
  3. On the System Status page, click Update.
  4. Click Browse. Find and select the utm_edge.sysa-dl file, then click Open.
  5. Click Update. To complete the installation, you must restart the Firebox X Edge. When the update is complete the System Status page shows Fireware XTM v11_3_x.
     

To upgrade your Firebox X Edge from v10.2.9 or higher to Fireware XTM v11.x from a Windows computer on the external network
To upgrade your Edge from a computer on the external network, you can use the same instructions as for a local Windows computer, except you must know:

  • Before you try to upgrade the Edge, the Edge must be configured to allow WatchGuard System Manager (WSM) access. To enable WSM access, go to Administration > WSM Access.
  • The Update Wizard prompts you for a WSM Access passphrase. The WSM Access passphrase is the configuration passphrase you set when you enable WSM access on the Edge.
    The upgrade can take as much as 20 minutes to complete.
  • When the upgrade is complete, you can connect to the Edge from the external network only with WatchGuard System Manager or the CLI.
  • To enable external connections from the Web UI, you must edit the WatchGuard Web UI policy with Policy Manager or the CLI.
     

Downgrade Firebox X Edge e-Series from Fireware XTM v11.x to v10.2.9
Before you downgrade a Firebox X Edge e-Series from Fireware XTM v11 to Firebox X Edge v10.2.9 or higher, go to the WatchGuard Software Downloads Center. Download and save the file that matches the version of Edge software to which you want to downgrade. You can use Policy Manager or the Web UI to complete the downgrade procedure.
From the Web UI:

  1. Connect to your Edge System Status page and select System > Upgrade OS.
  2. Browse to and select the yakfw.sysa-dl file that you saved. Click Upgrade. This restores the operating system version you selected. The Edge will reboot and become active with the configuration that was in use on the Edge immediately before the upgrade to v11.
     

After the downgrade, make sure to use the correct URL to connect to the Edge device (a URL that does not specify port 8080).
You can also choose to restore the backup configuration file you saved before you upgraded to v11

(0 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).