Configure network interfaces on the command line

The NGFW Configuration Wizard can automatically detect which network cards are in use. You can also add interfaces manually.

Steps

  1. Define the network interface drivers.
    If the list is not populated automatically, use auto-detect.
    1. Highlight Autodetect, then press Enter.
    2. Check that the autodetected information is correct and that all interfaces have been detected.
      Tip: You can use the Sniff option for troubleshooting the network interfaces. Select Sniff to run a network sniffer on that interface.
    If autodetection fails, add network drivers manually.
    1. Highlight Add, then press Enter.
    2. Select the correct driver for your network card, then press Enter.
  2. Map interfaces to the IDs you defined.
    1. Change the IDs as necessary to define how the interfaces are mapped to the interface IDs you defined for the engine element in the Management Client.
      For bypass interface modules, map the interface IDs of inline interfaces to even-odd pairs of ports on the appliance. For example, map Interface ID 1 to port eth2_0 and Interface ID 2 to port eth2_1.
    2. If necessary, highlight the Media column, then press Enter to change the settings to match those used by the device at the other end of the link.
      Make sure that the speed/duplex settings of network cards are identical at both ends of each cable. For IPS and Layer 2 Firewall engines, also make sure that the speed/duplex settings of the inline interfaces match the speed/duplex settings of both links within each inline interface pair.
    3. In the Mgmt column, highlight the correct interface for contact with the Management Server, then press the spacebar.
      Important: The Management interface must be the same interface on which the control IP address for the corresponding element is configured in the SMC.
    4. (Optional, IPS only) Highlight Initial Bypass, then press Enter to temporarily set the IPS engine to the initial bypass state and define one or more soft-bypass interface pairs through which traffic flows.
      Setting the appliance to the initial bypass state can be useful during IPS appliance deployment if bypass network interface pairs on the appliance are in Normal mode. Initial bypass allows traffic to flow through the IPS appliance until the initial configuration is ready and an IPS policy is installed on the appliance. Do not set the initial bypass state when the bypass network interface pairs are in Bypass mode.
  3. (Modem interfaces only) Map the modem number to the IMEI of the modem.
    1. Select Setup modems.
      The first modem number is automatically mapped to the IMEI of the modem. You can optionally change the modem number.
    2. Select Stored, then select OK.