Mushroom Networks Documentation

Mushroom Networks SD-WAN and WatchGuard UTM Configuration Guide

Configuration Setup Summary

The purpose of this document is to provide guidance to customers for service chaining Mushroom Networks’ multi-WAN SD-WAN solution with WatchGuard’s Next Generation Firewall and Unified Threat Management solution. 

 

Mushroom’s secure VLL (Virtual Leased Line) overlay tunnel will be set up between Mushroom’s Customer Premise Equipment (Truffle appliance) and Mushroom’s Cloud Relay (as an EC2 instance in the Amazon AWS cloud). Mushroom’s Cloud Relay will pass through all upstream traffic to WatchGuard’s Firebox Cloud instance (again hosted as an EC2 instance in the Amazon AWS cloud) providing UTM services such as Intrusion Prevention, Web Content Filtering, etc.

Network Diagram



Installation Steps

  1. Firebox Cloud installation and configuration in AWS

 

Install and configure Firebox Cloud with trusted and external interface using the following procedure: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/firebox_cloud/deploy_aws.html

 

Here is an example configuration screenshot for the configured trusted and external interfaces:

 

 

  1. Mushroom’s Cloud Relay installation and configuration in AWS

Order Mushroom Networks Cloud Relay service. Mushroom’s Cloud Relay is installed and configured by Mushroom Networks.

  1. Configure WAN1 interface gateway IP address on Mushroom Cloud Relay to point to Firebox Cloud’s trusted interface IP address. (e.g. 10.10.2.172).

WAN1 configuration on the Mushroom Cloud Relay



  1. Configure secure VLL tunnel between Mushroom’s CPE device and Cloud Relay.



 

  1. Configure Splunk for syslog data

 

  • Configure Watchguard to send logs to syslog server (under System->Logging). Replace ‘xxx.xxx.xxx.xxx’ to the external IP address of the Mushroom Portal Server.

 

  • Configure Mushroom Cloud Relay’s Syslog server (under Status tab) and replace Remote Syslog Server ‘xxx.xxx.xxx.xxx’ to the public IP of Mushroom Monitoring Portal.

 

  • Install Watchguard’s Firebox  App for Splunk on Mushroom Monitoring Portal:

https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/General/splunk_integration_V2.html

 

© 2004 – 2024 Mushroom Networks Inc. All rights reserved.

Let’s chat. Call us at +1 (858) 452-1031 or fill the form: