Example: Layer 2 Firewall Inline Interfaces in inline mode

An example of deploying a Layer 2 Firewall in the traffic path in inline mode.

The following illustration shows the interfaces of the inline Layer 2 Firewall.

Figure: Inline Layer 2 Firewall



In this example, the IP address on Interface ID 0 is configured as the Control IP address for management connections. Interface ID 1 and Interface ID 2 form an inline interface pair that shares the Logical Interface called Inline. Traffic comes in through Interface ID 1. Any traffic that the Layer 2 Firewall allows leaves through Interface ID 2.

The administrator does the following:
  1. Creates a Single Layer 2 Firewall element and selects the Log Server to which the Layer 2 Firewall engine sends its log data.
  2. Creates a Logical Interface called Inline for the inline interface pair.
  3. Defines Interface ID 0 as a normal interface and adds an IP address to it.
  4. Defines Interface IDs 1 and 2 as an inline interface pair and selects the Logical Interface called Inline for the pair.
  5. Saves the initial configuration of the engine in the Management Client.
  6. Connects the network cables to the appropriate physical interfaces on the engine.
  7. Maps the interface IDs to the physical interfaces in the NGFW Configuration Wizard and makes initial contact with the Management Server.
  8. Installs a Layer 2 Firewall Policy in the Management Client to transfer the configuration to the engine.