Manualshelf

Installation guide

ManualsBrandsMcafee ManualsOtherFIREWALL 2.1-GETTING STARTED
51525354555657585960
60
Chapter 7 Configuring Master Engines and Virtual IPS Engines
Adding VLAN Interfaces for Master Engines
VLANs divide a single physical network link into several virtual links. The maximum number of
VLANs for a single Physical Interface is 4094. The VLANs must also be defined in the
configuration of the switch/router to which the interface is connected. Master Engines can have
two types of VLAN Interfaces: interfaces for the Master Engine’s own communications, and
interfaces that are used by the Virtual IPS engines hosted on the Master Engine.
To add a VLAN Interface to a Master Engine
1. Right-click a Physical Interface for Master Engine communications and select NewVLAN
Interface, or a Physical Interface for hosted Virtual IPS engine communications and select
New VLAN Interface.
2. (Interface for Master Engine communications only) Define the VLAN Interface properties as
explained in the table below.
3. (Interface for hosted Virtual IPS engine communications only) Define the VLAN Interface
properties as explained in the table below.
Table 7.3 VLAN Interface Properties for Master Engine Communications - General Tab
Option Explanation
VLAN ID
Enter the VLAN ID (1-4094). The VLAN IDs you add must be the same as the VLAN IDs
that are used in the switch at the other end of the VLAN trunk.
Each VLAN Interface is identified as Interface-ID.VLAN-ID, for example 2.100 for
Interface ID 2 and VLAN ID 100.
Zone
Select the network zone to which the Physical Interface belongs from the list or select
Other to select another Zone. If the Zone is not listed, select New to create a new Zone
element.
MTU
(Optional)
The MTU (maximum transmission unit) size on the connected link. Either enter a value
between 400-65535 or select a common MTU value from the list. If MTU is defined for
the Physical Interface to which the VLAN Interface belongs, the MTU value is
automatically inherited from the Physical Interface properties.
Caution! The MTU for each VLAN Interface must not be higher than the MTU for the
Physical Interface to which the VLAN Interface belongs.
The default value (also the maximum standard MTU in Ethernet) is 1500. Do not set a
value larger than the standard MTU unless you know that all the devices along the
communications path support it.
Table 7.4 VLAN Interface Properties for Hosted Virtual IPS Engine Communications
Option Explanation
VLAN ID
Enter the VLAN ID (1-4094). The VLAN IDs you add must be the same as the
VLAN IDs that are used in the switch at the other end of the VLAN trunk.
Each VLAN Interface is identified as Interface-ID.VLAN-ID, for
example 2.100 for Interface ID 2 and VLAN ID 100.