Address range
Dynamic IP (obtained
by DHCP)
Select this option to give the VLAN a dynamic address.
Fixed IP (static) By selecting this option, the interface will have a static address range. In this case, its
IP address and network mask must be indicated.
Click Finish.
VLAN attached to 2 interfaces (crossing VLAN)
When configuring VLANs for bridges, the same tag can be used for two VLAN interfaces , making
the Firewall appear transparently on the network. This method requires the use of one VLAN
interface per physical interface.
Unlike the option Keep VLAN IDs (cf. in the advanced properties of an Ethernet interface) which
makes the firewall fully transparent to the VLAN and which prevents the use of features which
would interrupt VLAN traffic, such as proxies, this method of keeping the VLAN tag between
several interfaces on the same bridge allows the use of all firewall features.
VLAN identification
Name Enter a unique name for your VLAN
VLAN IDs This field allows specifying the value to be associated with the VLAN in packets
passing through the network. This tag identifies the VLAN and is used at the Ethernet
level.
Color Color assigned to the VLAN.
VLAN address range
Use an existing bridge By selecting this option, you will need to select from the drop-down list the bridge to
which VLANs will be attached.
Create a new bridge If this option is selected, a wizard will allow creating a new bridge which will contain
both interfaces.
Dynamic IP (obtained
by DHCP)
The assigned IP address can be matched to a domain name via a DNS service provider
(dyndns.org for example) in order to contact this firewall without having to know its IP
address. This option is used when your firewall does not have a static IP address (e.g.,
your service provider, or DHCP renews its IP address regularly).
This feature can be enabled by selecting a dynamic DNS account that you would have
configured earlier. The configuration of dynamic DNS clients is explained further in the
document Dynamic DNS module.
This field allows specifying to the firewall that the configuration of the bridge (IP
address and mask) is defined by DHCP. In this case, the “DHCP” zone in the Advanced
properties tab will be enabled.
Fixed IP (static) By selecting this option, the interface will have a static address range. In this case, its
IP address and the mask of the sub-network to which the interface belongs, have to
be indicated.
Click on Next.
Page 192/448 sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
SNS - USER CONFIGURATION MANUAL V.3
INTERFACES
To Next Page
