Configure interfaces

1.

Choose Devices > Device Management, and click Edit ( edit icon ) for the firewall.

2.

Click Interfaces.

3.

To create breakout ports from a 40-Gb or larger interface, click the Break icon for the interface.

If you already used the full interface in your configuration, you will have to remove the configuration before you can proceed with the breakout.

4.

Click Edit ( edit icon ) for the interface that you want to use for inside.

From the Security Zone drop-down list, choose an existing inside security zone or add a new one by clicking New.

For example, add a zone called inside_zone. You apply your security policy based on zones or groups. For example, configure your access control policy to enable traffic to go from the inside zone to the outside zone, but not from outside to inside.

If the inside interface was preconfigured, the rest of these fields are optional.
Enter a Name up to 48 characters in length.

For example, name the interface inside.
Check the Enabled check box.
Leave the Mode set to None.
Click the IPv4 and/or IPv6 tab.
- IPv4—Choose Use Static IP from the drop-down list, and enter an IP address and subnet mask in slash notation.
  
  For example, enter 192.168.1.1/24
  
  Figure 3. IPv4 Tab
- IPv6—Check the Autoconfiguration check box for stateless autoconfiguration.
  
  Figure 4. IPv6 Tab
Click OK.

5.

Click Edit ( edit icon ) for the interface that you want to use for outside.

From the Security Zone drop-down list, choose an existing outside security zone or add a new one by clicking New.

For example, add a zone called outside_zone.

You should not alter any other basic settings because doing so will disrupt the Firewall Management Center management connection.
Click OK.

6.

Configure a DMZ interface to host a web server, for example.

Click Edit () for the interface you want to use.
From the Security Zone drop-down list, choose an existing DMZ security zone or add a new one by clicking New.

For example, add a zone called dmz_zone.
Enter a Name up to 48 characters in length.

For example, name the interface dmz.
Check the Enabled check box.
Leave the Mode set to None.
Click the IPv4 and/or IPv6 tab and configure the IP address as desired.
Click OK.

7.

Click Save.

Procedure

Need help?

	1.	Choose Devices > Device Management, and click Edit () for the firewall.
	2.	Click Interfaces. Figure 1. Interfaces
	3.	To create breakout ports from a 40-Gb or larger interface, click the Break icon for the interface. If you already used the full interface in your configuration, you will have to remove the configuration before you can proceed with the breakout.
	4.	Click Edit () for the interface that you want to use for inside. Figure 2. General Tab From the Security Zone drop-down list, choose an existing inside security zone or add a new one by clicking New. For example, add a zone called inside_zone. You apply your security policy based on zones or groups. For example, configure your access control policy to enable traffic to go from the inside zone to the outside zone, but not from outside to inside. If the inside interface was preconfigured, the rest of these fields are optional. Enter a Name up to 48 characters in length. For example, name the interface inside. Check the Enabled check box. Leave the Mode set to None. Click the IPv4 and/or IPv6 tab. IPv4—Choose Use Static IP from the drop-down list, and enter an IP address and subnet mask in slash notation. For example, enter 192.168.1.1/24 Figure 3. IPv4 Tab IPv6—Check the Autoconfiguration check box for stateless autoconfiguration. Figure 4. IPv6 Tab Click OK.
	5.	Click Edit () for the interface that you want to use for outside. Figure 5. General Tab From the Security Zone drop-down list, choose an existing outside security zone or add a new one by clicking New. For example, add a zone called outside_zone. You should not alter any other basic settings because doing so will disrupt the Firewall Management Center management connection. Click OK.
	6.	Configure a DMZ interface to host a web server, for example. Click Edit () for the interface you want to use. From the Security Zone drop-down list, choose an existing DMZ security zone or add a new one by clicking New. For example, add a zone called dmz_zone. Enter a Name up to 48 characters in length. For example, name the interface dmz. Check the Enabled check box. Leave the Mode set to None. Click the IPv4 and/or IPv6 tab and configure the IP address as desired. Click OK.
	7.	Click Save.

Overview

Procedure

Need help?