Installation guide

Defining Traffic Inspection Interfaces for Layer 2 Firewall Engines

6. Click OK.

Repeat these steps to define any additional Logical Interfaces.

Defining Reset Interfaces

Reset Interfaces can deliver TCP resets and ICMP “destination unreachable” messages to

interrupt communications picked up from Capture Interfaces when the communications trigger a

response.

VLANs are supported for sending resets, but the correct VLAN is selected automatically. An

interface you want to use as the Reset Interface must not have any manually added VLAN

configuration.

The Reset Interface must be in the same broadcast domain as the Capture Interface that uses

the Reset Interface. The resets are sent using the IP addresses and MAC addresses of the

communicating hosts.

 To define a Reset Interface

1. Right-click and select New Physical Interface. The Physical Interface Properties dialog

opens.

2. Select the Interface ID.

3. Select Normal Interface as the Type.

4. Click OK.

This interface can now be used as a Reset Interface. When you set up the physical network,

make sure that the Reset Interface connects to the same network as the Capture Interface(s).

What’s Next?

 If you want to use Reset Interfaces together with Capture Interfaces, define the Reset

Interfaces first. Proceed to Defining Reset Interfaces.

 To define Capture Interfaces, proceed to Defining Capture Interfaces (page 50).

 To define Inline Interfaces, proceed to Defining Inline Interfaces (page 51).

Note – An interface that is used only as a Reset Interface must not have an IP address.

What’s Next?

 Defining Capture Interfaces (page 50)