Before you install Fireware XTM v11.x software, read the information in the Known Issues section below.
Note To upgrade your Firebox X Edge e-Series to Fireware XTM from Edge v10.x or earlier, you must have Edge v10.2.9 or higher installed on your Edge.
Any Edge devices that are centrally managed with a WatchGuard Management Server must be updated individually using the process in these release notes. You cannot use the Scheduled Firmware Updates feature to update a device from Edge v10.x to Fireware XTM v11.x.
Your Edge must have Firebox X Edge v10.2.9 or higher installed before you can upgrade to Fireware XTM v11.x. To upgrade your Edge, connect to your Edge from a Windows-based computer on a local (not routed) network behind the Edge on which you have administrator privileges. You can also upgrade your Edge from a computer on an external network (see the specific instructions below for more information).
The Update Wizard updates the operating system on your Edge and converts your Edge configuration to be compatible with Fireware XTM. The wizard converts all predefined and custom policies, security subscriptions, authentication settings, network settings, NAT settings, branch office VPNs, default threat protection settings, and logging and time settings. If you do not use the wizard (i.e. if you update directly from the v10.2.9 or higher web interface using the "sysa-dl" file), your configuration is not converted and your Edge reverts to its default configuration when the upgrade to Fireware XTM is complete.
Note The new Web UI is available only on port 8080 by default. You can change this port in the Web UI after you complete the Update Wizard. To connect to the Edge after it has been successfully updated, you must connect to the Edge with this URL:
https://<IP address of your Edge>:8080
Note The default credentials for the Edge are: admin/readwrite and status/readonly. After you upgrade your Edge to Fireware XTM, you must use the user name admin when you want to log in to the Edge with read/write privileges.
Note After you upgrade your Edge from v10.2.9 or higher to v11.x, you must enable each type of Mobile VPN that you used in your previous Edge configuration again. This includes Mobile VPN with IPSec, SSL, or PPTP.
The Update Wizard does not convert some features. After you finish this procedure, examine your configuration for the following features, which are not converted by the Update Wizard:
Note If you upgrade your Edge to Fireware XTM from a non-Windows-based computer or from any computer using the XTM_edge_11_3_2.zip file, your Edge configuration will be reset to its factory default settings when the upgrade is complete.
To upgrade your Edge from a computer on the external network, you can use the same instructions as for a local Windows computer, except you must know:
Before you downgrade a Firebox X Edge e-Series from Fireware XTM v11 to Firebox X Edge v10.2.9 or higher, go to the WatchGuard Software Downloads Center. Download and save the file that matches the version of Edge software to which you want to downgrade. You can use Policy Manager or the Web UI to complete the downgrade procedure.
From the Web UI:
After the downgrade, make sure to use the correct URL to connect to the Edge device (a URL that does not specify port 8080).