Manualshelf

Installation guide

ManualsBrandsMcafee ManualsOtherFIREWALL 2.1-GETTING STARTED
51525354555657585960
57
Adding Physical Interfaces for Master Engines
Adding Physical Interfaces for Master Engines
Master Engines can have two types of Physical Interfaces: interfaces for the Master Engine’s
own communications, and interfaces that are used by the Virtual IPS engines hosted on the
Master Engine. Physical Interfaces that are used for the Master Engine’s own communications
must be defined as Normal Interfaces. Physical Interfaces that are used for hosted Virtual IPS
communications must be defined as Capture or Inline Interfaces.
You must define at least one Physical Interface for the Master Engine’s own communications. It
is recommended to define at least two Physical Interfaces for the Master Engine:
An interface used for communications between the Management Server and the Firewall/VPN
engine.
An interface for the heartbeat communications between the cluster nodes. The heartbeat
traffic is critical to the functioning of the cluster, so it is highly recommended to have a
dedicated heartbeat interface.
To add a Physical Interface to a Master Engine
1. Switch to the Interfaces tab of the Master Engine Properties.
2. Right-click the empty space and select New Physical Interface. The Physical Interface
Properties dialog opens.
3. (Interface for Master Engine communications only) Define the Physical Interface properties
as explained in the table below.
Table 7.1 Physical Interface Properties for Master Engine Communications - General Tab
Options Explanation
Interface ID
The Interface ID automatically maps to a Physical Interface of the same number
during the initial configuration of the engine, but the mapping can be changed as
necessary through the engine’s command line interface.
Type Select Normal Interface as the Interface Type for Master Engine communications.
MTU
(Optional)
The MTU (maximum transmission unit) size on the connected link. Either enter a
value between 400-65535 or select a common MTU value from the list.
The default value (also the maximum standard MTU in Ethernet) is 1500. Do not
set a value larger than the standard MTU unless you know that all the devices
along the communications path support it.