Security Gateway Manual XG-7100
2.8.2 Assign the Interface
The first step is to assign an OPT interface.
• Navigate to Interfaces > Assignments
Look at list of current assignments. If the interface in question is already assigned, there is nothing to do. Skip
ahead to the interface configuration.
• Pick an available interface in Available network ports
If there are no available interfaces, then one may need to be setup in some other way (e.g. VLANs).
• Click Add
The firewall will assign the next available OPT interface number corresponding to the internal interface designation.
For example, if there are no current OPT interfaces, the new interface will be OPT1. The next will be OPT2, and so
on.
Note: As this guide does not know what that number will be on a given configuration, it will refer to the interface
generically as OPTx.
The newly assigned interface will have its own entry under the Interfaces menu and elsewhere in the GUI.
2.8.3 Interface Configuration
The new interface must be enabled and configured.
• Navigate to Interfaces > OPTx
• Check Enable interface
• Set custom name in the Description, e.g. GUESTS, DMZ, etc.
• Set the IP address and CIDR mask for the new LAN
For this example, 192.168.2.1/24.
• Do not add or choose a gateway
• Uncheck Block private networks
This interface is a private network, this option would prevent it from functioning.
• Uncheck Block bogon networks
The rules on this interface should only allow traffic from the subnet on the interface, making this option unnec-
essary.
• Click Save
• Click Apply Changes
The lack of a selected gateway in the interface configuration causes the firewall to treat the interface as a LAN type
interface.
The firewall uses LAN type interfaces as sources of outbound NAT traffic but does not apply outbound NAT on traffic
exiting a LAN. The firewall does not add any extra properties on firewall rules to influence traffic behavior. The DNS
Resolver will accept queries from clients on LAN type interfaces.
© Copyright 2024 Rubicon Communications LLC 58
To Next Page
Loading...
