Select which IP addresses are used for particular roles in system communications.
For example, you can select which IP addresses are used in communications between the Firewall and the Management Server.
The interfaces you have defined are shown as a tree-table on the Interfaces tab. Global interface options have codes in the tree-table.
Table 1. Interface option codes
Code |
Description |
A |
The interface that has the IP address used as the identity for authentication requests. |
C |
The interfaces that have the primary and backup control IP addresses. |
O |
The default IP address for outgoing connections. |
Note: You cannot use layer 2 physical interfaces on firewalls for system communications.
For more details about the product and how to configure features, click Help or
press F1.
Steps
-
In the navigation pane on the left, select
.
-
Select the interface options.
-
From the Primary drop-down list, select the primary control IP address that the Firewall uses for communications with the Management Server.
-
(Optional, recommended) From the Backup drop-down list, select a backup control IP address that the Firewall uses for communications with the
Management Server if the primary control IP address fails.
-
If the Firewall's primary control IP address and backup control IP address are dynamic or if the Firewall is in an environment where only the Firewall can initiate
connections to the Management Server, select Node-initiated contact to Management Server.
When this option is selected, the engine opens a connection to the Management Server and maintains connectivity.
-
From the
Identity for Authentication Requests drop-down list, select the IP address that identifies the firewall to external authentication servers.
Note: This selection has no effect on routing.
-
(Optional) From the
Source for Authentication Requests drop-down list, select the IP address that identifies the firewall when it sends an authentication request to an external authentication server over a VPN.
Note: This selection has no effect on routing.
-
From the
Default IP Address for Outgoing Traffic drop-down list, select the IP address that nodes use if they have to initiate connections through an interface that has no Node Dedicated IP address.
-
Click Save, then close the Engine Editor.
Next steps
Bind engine licenses to the Single Firewall elements.