Configure interfaces for connections to other networks
Interfaces for each Ethernet port on the NGFW appliance are automatically included in the interface table. You must add IP addresses and configure routing for connections to other networks.
Before you begin
CAUTION:
The interface for control connections can only have one IP address.
Do not
add additional IP addresses or VLANs to the interface for control connections.
Steps
Example
Fields marked with an asterisk in the user interface are mandatory.
Option | Definition |
---|---|
Adds an interface to the interfaces table. If you change the number of Ethernet
ports on the NGFW appliance, such as by replacing a 4-port interface module with an 8-port interface module, you must add interfaces to
represent the new Ethernet ports.
|
|
Appliance image | Shows the ports on the NGFW appliance for which you can configure interfaces. When you select an interface in the interface table, the corresponding port is highlighted in the image. |
Interface table | Allows you to configure the IP addresses, networks, and routing for each interface. |
Physical Interface | (When interface type is Physical Interface) Shows the interface ID of the physical interfaces. The following actions are available when you click the interface:
|
Physical Interface | (When interface type is Physical Interface with VLAN interfaces) Shows the interface ID of the physical interfaces and the VLAN interfaces under them.The following actions are available when you click the physical interface:
The following actions are available when you click the VLAN interface:
|
IP Address | Shows the IP address of the physical interface or VLAN interface. The following actions are available when you click the IP address:
|
Connected Network | Shows the network range of the directly connected network. The following options are available when you click the network:
|
Gateway | Shows the gateway device through which the NGFW Engine connects to a network that is not directly connected. The
following actions are available when you click the gateway:
|
Route Target | Shows the IP addresses that are reachable through the gateway device. The following options are available when you click the route target:
|
Option | Definition |
---|---|
Interface ID | (When interface type is Physical Interface) The Interface ID automatically maps to a physical network port on the appliance. |
VLAN ID | (When interface type is VLAN Interface) Specifies the VLAN ID (1–4094). The VLAN IDs must be the same as the VLAN IDs that are used in the switch at the other end of the VLAN trunk. Each VLAN Interface is identified as Interface-ID.VLAN-ID, for example, 2.100 for Interface ID 2 and VLAN ID 100. |
Interface Options (Optional) |
Advanced options for interface configuration. |
MTU | The maximum transmission unit (MTU) size on the connected link. Enter a value between 576–65000. |
Zone | The network zone to which the interface belongs. By default, Interface 0 belongs to the external zone. All other interfaces belong to the internal zone. |
Antispoofing Elements | This option is not yet supported. |
Route Replies Back | This option is not yet supported. |