Configuring Interfaces in Transparent IP Mode (Splice L3 Subnet)

 

• Configuring Advanced Settings for a Transparent IP Mode Interface

Transparent IP Mode enables the appliance to bridge the WAN subnet onto an internal interface.

To configure an interface for transparent mode

1. Navigate to NETWORK | System > Interfaces.
2. Click on the Configure icon for the Unassigned interface you want to configure. The Edit Interface dialog is displayed.
3. Either select:
   • LAN or DMZ for Zone.

     The options available change according to the type of zone you select.

   • Create a new zone for the configurable interface by selecting Create a new zone. The Add Zone dialog displays. See About Zones for instructions on adding a zone.
4. Select Transparent IP Mode (Splice L3 Subnet) from Mode / IP Assignment. The options change.

5. From Transparent Range, select an address object that contains the range of IP addresses you want to have access through this interface. The address range must be within an internal zone, such as LAN, DMZ, or another trusted zone matching the zone used for the internal transparent interface.

   If you do not have an address object configured that meets your needs, select Create New Address Object. The Add Address Object dialog displays.

6. Enter any optional comment text in the Comment field. This text is displayed in the Comment column of the Interface table. This option is not selected by default.

7. To enable remote management of the Security Appliance from this interface, choose the supported management protocol(s): HTTPS, Ping, SNMP, and/or SSH. This option is not selected by default.

   To allow access to the WAN interface for management from another zone on the same security appliance, access rules must be created.

8. To allow selected users with limited management rights to log directly into the security appliance through this interface, choose HTTP and/or HTTPS in User Login.

9. If you selected HTTPS for either Management and/or User Login protocol, Add rule to enable redirect from HTTP to HTTPS becomes available and selected. To prevent redirection of HTTP to HTTPS, deselect the option.

   Selecting HTTP for User Login protocol disables redirection.

   Elements of this feature can be controlled by internal User Authentication Settings options. For more information, see HTTP/HTTPS Redirection with DP Offload.

10. Click OK.

The administrator password is required to regenerate encryption keys after changing the appliance’s address.