Add reset interfaces

Reset interfaces interrupt communications picked up through capture interfaces when the traffic matches a rule that terminates connections.

Reset interfaces can deliver TCP resets and ICMP “destination unreachable” messages to interrupt communications picked up through capture interfaces when the traffic matches a rule that terminates connections.

The resets are sent using the source and destination addresses and MAC addresses of the communicating hosts, so an IP address is not mandatory for a reset interface. You can optionally add an IP address if you also want to use this interface for system communications.

VLANs are supported for sending resets, and the correct VLAN is selected automatically. The interface you want to use as the reset interface must not have any manually added VLAN configuration.

You can use an existing system communications interface for sending resets if the reset interface connects to the same networks as the capture interface, and there are no VLANs on the system communications interface.

  For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Right-click an engine element, then select Edit <element type>.
  2. In the navigation pane on the left, select Interfaces.
  3. Create a new Physical Interface.
    • For IPS engines and Layer 2 Firewalls, right-click the empty space and select New Physical Interface.
    • For Firewalls, right-click the empty space and select New > Layer 3 Physical Interface.
  4. Select an Interface ID.
  5. Select the interface type according to the engine role:
    • For IPS engines and Layer 2 Firewalls, select Normal Interface.
    • For Firewalls, select None.
  6. Click OK.

Result

The Physical Interface is added to the interface list.
Note: When you set up the physical network, make sure that the reset interface connects to the same networks as the capture interfaces.

Next steps

Set up the capture interfaces that use this reset interface.