Add VLAN interfaces to Virtual Security Engine interfaces

VLANs divide a single physical network link into several virtual links.

VLAN interfaces can only be added for Virtual Security Engines if the creation of VLAN interfaces for Virtual Engines is enabled in the Master Security Engine Properties. The maximum number of VLANs for a single physical interface is 4094. The VLANs must also be defined in the configuration of the external switch or router to which the interface is connected.

Note: You cannot add VLAN interfaces on top of other VLAN interfaces. Depending on the configuration of the Master Security Engine, you might not be able to create valid VLAN interfaces for the Virtual Security Engine. Contact the administrator who configured the Master Security Engine.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Right-click a Virtual Engine, Virtual IPS engine, or Virtual Layer 2 Engine and select Edit <element type>.
  2. In the navigation pane on the left, select Interfaces.
  3. Right-click a physical interface and select New > VLAN Interface.
  4. Define the VLAN interface properties.
    CAUTION:
    The throughput for the Virtual Engine physical interface must not be higher than the throughput for the Master Security Engine interface that hosts the Virtual Engine. Contact the administrator of the Master Security Engine before changing this setting.
    CAUTION:
    Make sure that you set the interface speed correctly. When the bandwidth is set, the Virtual Security Engine always scales the total amount of traffic on this interface to the bandwidth you defined. The bandwidth is scaled even if there are no bandwidth limits or guarantees defined for any traffic.
  5. Click OK.
    The specified VLAN ID is added to the physical interface.

Next steps

Continue the configuration in one of the following ways:
  • (Virtual Engine only) If you do not want to add tunnel interfaces for a route-based VPN, add IP addresses directly to the physical interfaces.
  • Otherwise, click Save and Refresh to transfer the configuration changes.