Installation guide
75
Adding VLAN Interfaces for Master Engines
4. Click OK. The specified VLAN ID is added to the Physical Interface.
Second VLAN ID
(Optional, only if Physical
Interface Type is Inline
Interface)
Enter a Second VLAN ID for the Inline Interface if you want to remap the
Inline Interface. By default, this value is inherited from the first VLAN ID. We
recommend that you keep the default value if you do not have a specific
reason to change it.
Virtual Resource
The Virtual Resource associated with the interface. Select the same Virtual
Resource in the properties of the Virtual Layer 2 Firewall element to add the
Virtual Layer 2 Firewall to the Master Engine. Only one Virtual Resource can
be selected for each VLAN Interface.
Virtual Engine Interface
ID
Select the Interface ID of the Physical Interface in the Virtual Layer 2
Firewall that is associated with this interface.
Second Interface ID
(Inline Interface only)
Select the second Interface ID of the Inline Interface in the Virtual Layer 2
Firewall that is associated with this interface.
Throughput (kbps)
(Optional, only if Physical
Interface Type is Inline
Interface)
The maximum throughput for the Virtual Layer 2 Firewalls that use this VLAN
Interface. Enter the throughput as kilobits per second (for example, 2048).
If throughput is defined for the Physical Interface to which the VLAN
Interface belongs, the throughput value is automatically inherited from the
Physical Interface properties.
Caution! The throughput for each VLAN Interface must not be higher than
the throughput for the Physical Interface to which the VLAN Interface
belongs.
The throughput is for uplink speed (outgoing traffic) and typically must
correspond to the speed of an Internet link (such as an ADSL line), or the
combined speeds of several such links when they are connected to a single
Physical Interface.
Caution! Make sure you set the interface speed correctly. When the
bandwidth is set, the Master Engine always scales the total amount of
traffic on this interface to the bandwidth you defined. This happens even if
there are no bandwidth limits or guarantees defined for any traffic.
MTU
(Optional)
The MTU (maximum transmission unit) size for Virtual Layer 2 Firewalls that
use this interface. Either enter a value between 400-65535 or select a
common MTU value from the list. If MTU is defined for the Physical Interface
to which the VLAN Interface belongs, the MTU value is automatically
inherited from the Physical Interface properties.
Caution! The MTU for each VLAN Interface must not be higher than the MTU
for the Physical Interface to which the VLAN Interface belongs.
The default value (also the maximum standard MTU in Ethernet) is 1500.
Do not set a value larger than the standard MTU unless you know that all
the devices along the communications path support it.
Reset Interface
(Optional, only if Physical
Interface Type is Capture
Interface)
Select a TCP Reset Interface for traffic picked up through this Capture
Interface. This is the interface through which TCP connection resets are
sent when Reset responses are used in your Layer 2 Firewall policy.
Table 8.4 VLAN Interface Properties for Hosted Virtual Layer 2 Firewall Communications (Continued)
Option Explanation