Add logical interfaces to Firewall Clusters

Logical Interface elements are used in the Layer 2 Interface Policy and the traffic inspection process to represent a network segment.

The SMC contains one default Logical Interface element. A logical interface can represent any number or combination of physical interfaces and VLAN interfaces. However, the same logical interface cannot be used to represent both inline IPS interfaces and inline Layer 2 Firewall interfaces on the same Firewall Cluster. The rules in the ready-made Layer 2 Interface Template policy match all logical interfaces.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration.
  2. Expand the Other Elements branch.
  3. Right-click Logical Interfaces and select New Logical Interface.
  4. In the Name field, enter a unique name.
  5. (Optional) If you use VLAN tagging, select View interface as one LAN.
    By default, the Firewall Cluster treats a single connection as multiple connections when an external switch passes traffic between different VLANs and all traffic is mirrored to the Firewall Cluster through a SPAN port.
  6. Click OK.
    Do not close the Engine Editor.

Next steps

Continue the configuration in one of the following ways:
  • If you want to use reset interfaces with capture interfaces, add reset interfaces.
  • Add capture interfaces or inline interfaces.