Network interface configuration overview

The network interface configuration process depends on the Forcepoint NGFW role.

The interface configuration proceeds as follows:

  1. Define the interfaces and IP addresses according to the engine role.
  2. Configure additional related settings depending on the features you want to use.

Engine Editor > Interfaces

Use this branch to configure the necessary interfaces and IP addresses for the NGFW Engine.

Option Definition
Add Adds an interface or IP address of the specified type:
  • Layer 3 Physical Interface

    (Available for Single Firewalls, Firewall Clusters, Virtual Firewalls, and Master NGFW Engines in the Firewall/VPN role)

  • Layer 2 Physical Interface

    (Available for Single Firewalls, Firewall Clusters, Virtual Firewalls, and Master NGFW Engines in the Firewall/VPN role)

  • Physical Interface

    (Available for all engine types except Single Firewalls, Firewall Clusters, Virtual Firewalls, and Master NGFW Engines in the Firewall/VPN role)

  • VLAN Interface

    (Available for all engine types)

  • IPv4 Address

    (Not available for Virtual IPS engines or Virtual Layer 2 Firewalls)

  • IPv6 Address

    (Not available for Virtual IPS engines or Virtual Layer 2 Firewalls)

  • ADSL Interface

    (Available for Single Firewalls and Firewall Clusters)

  • Tunnel Interface

    (Available for Single Firewalls, Firewall Clusters, and Virtual Firewalls)

  • Modem Interface

    (Available for Single Firewalls)

  • Wireless Interface

    (Available for Single Firewalls)

  • SSID Interface

    (Available for Single Firewalls)

  • Switch

    (Available for Single Firewalls)

  • Port Group Interface

    (Available for Single Firewalls)

CAUTION:
Physical Interfaces for Virtual NGFW Engines are automatically created based on the interface configuration in the Master NGFW Engine properties. The number of Physical Interfaces depends on the number of interfaces allocated to the Virtual NGFW Engine in the Master NGFW Engine. Physical Interfaces that you add to Virtual NGFW Engines might not be valid.
Edit Allows you to change the properties of the interface or IP address.
Remove Removes the selected interface or IP address.