SonicOS 7 System
- SonicOS 7.0
- Overview
- Interfaces
- About Interfaces
- Interface Settings IPv4
- Adding Virtual Interfaces
- Configuring Routed Mode
- Enabling Bandwidth Management on an Interface
- Configuring Interfaces in Transparent IP Mode (Splice L3 Subnet)
- Configuring Wireless Interfaces
- Configuring WAN Interfaces
- Configuring Tunnel Interfaces
- Configuring VPN Tunnel Interfaces
- Configuring Link Aggregation and Port Redundancy
- Configuring One Arm Mode
- Configuring an IPS Sniffer Mode Appliance
- Configuring Security Services (Unified Threat Management)
- Configuring Wire and Tap Mode
- Layer 2 Bridged Mode
- Key Features of SonicOS Layer 2 Bridged Mode
- Key Concepts to Configuring L2 Bridged Mode and Transparent Mode
- Comparing L2 Bridged Mode to Transparent Mode
- Comparison of L2 Bridged Mode to Transparent Mode
- Benefits of Transparent Mode over L2 Bridged Mode
- ARP in Transparent Mode
- VLAN Support in Transparent Mode
- Multiple Subnets in Transparent Mode
- Non-IPv4 Traffic in Transparent Mode
- ARP in L2 Bridged Mode
- VLAN Support in L2 Bridged Mode
- L2 Bridge IP Packet Path
- Multiple Subnets in L2 Bridged Mode
- Non-IPv4 Traffic in L2 Bridged Mode
- L2 Bridge Path Determination
- L2 Bridge Interface Zone Selection
- Sample Topologies
- Configuring Network Interfaces and Activating L2B Mode
- Configuring Layer 2 Bridged Mode
- Asymmetric Routing
- Configuring Interfaces for IPv6
- 31-Bit Network Settings
- PPPoE Unnumbered Interface Support
- Failover & LB
- Neighbor Discovery
- ARP
- MAC IP Anti-Spoof
- Web Proxy
- PortShield Groups
- SonicOS Support of X-Series Switches
- About the X-Series Solution
- Performance Requirements
- Key Features Supported with X-Series Switches
- PortShield Functionality and X-Series Switches
- PoE/PoE+ and SFP/SFP+ Support
- X-Series Solution and SonicPoints
- Managing Extended Switches using GMS
- Extended Switch Global Parameters
- About Links
- Logging and Syslog Support
- Supported Topologies
- Port Graphics
- Port Configuration
- External Switch Configuration
- External Switch Diagnostics
- Configuring PortShield Groups
- SonicOS Support of X-Series Switches
- PoE Settings
- VLAN Translation
- IP Helper
- Dynamic Routing
- DHCP Server
- Configuring a DHCP Server
- Configuring Advanced Options
- Configuring DHCP Option Objects
- Configuring DHCP Option Groups
- Configuring a Trusted DHCP Relay Agent Address Group (IPv4 Only)
- Enabling Trusted DHCP Relay Agents
- Configuring IPv4 DHCP Servers for Dynamic Ranges
- Configuring IPv6 DHCP Servers for Dynamic Ranges
- Configuring IPv4 DHCP Static Ranges
- Configuring IPv6 DHCP Static Ranges
- Configuring DHCP Generic Options for DHCP Lease Scopes
- DHCP and IPv6
- Multicast
- Network Monitor
- AWS Configuration
- SonicWall Support
Configuring Advanced Settings for a Virtual Interface
To configure advanced settings for a static interface
-
In the Add/Edit Interface dialog, click Advanced.
The options available in Advanced for a virtual interface vary depending on the selected zone and platform.
- For Link Speed, Auto Negotiate is selected by default, which causes the connected devices to negotiate the speed and duplex mode of the Ethernet connection automatically. To force Ethernet speed and duplex, select one of the following options from Link Speed:
For 1 Gbps Interfaces For 10 Gbps Interfaces 1 Gbps - Full Duplex 10 Gbps - Full Duplex 100 Mbps - Full Duplex 100 Mbps - Half Duplex 10 Mbps - Full Duplex 10 Mbps - Half Duplex If you select a specific Ethernet speed and duplex, you must force the connection speed and duplex from the Ethernet card to the firewall as well.
- Use Default MAC Address is selected by default. You override Use Default MAC Address for the Interface by choosing Override Default MAC Address and entering the MAC address in the field.
- Select Shutdown Port to temporarily take this interface offline for maintenance or other reasons. If connected, the link goes down. This option is not selected by default.
Clear the option to activate the interface and allow the link to come back up.
You cannot shut down the management interface or the interface you are currently using.
If you select this option, a confirmation message displays: Click OK to shut down the port.You can shut down the interface by clicking the Enabled icon in the Enabled column for the interface. A confirmation message displays:
- If you click OK, the Enabled icon turns to a Disabled icon. To enable the interface, click the Disabled icon. A confirmation message displays:
- If you click OK, the Disabled icon turns to an Enabled icon.
- For the AppFlow feature, select Enable flow reporting to allow flow reporting on flows created for this interface. This option is selected by default.
- Optionally, select Enable Multicast Support to allow multicast reception on this interface. This option is not selected by default.
-
Optionally, select Enable Default 802.1p CoS to tag information passing through this interface with 802.1p priority information for Quality of Service (QoS) management. This option is not selected by default.
This option is available only for VLAN interfaces.
Packets sent through this interface are tagged with VLAN id=0 and carry 802.1p priority information. To make use of this priority information, devices connected to this interface should support priority frames. QoS management is controlled by access rules on Policies | Rules and Policies > Access Rules.
- Optionally, to exclude the interface from Route Advertisement, select Exclude from Route Advertisement (NSM, OSPF, BGP, RIP) This option is not selected by default.
-
Optionally, select Management Traffic Only to restrict traffic to only SonicWall management traffic and routing protocols. This option is not selected by default.
- Optionally, if you have enabled DNS Proxy, the Enable DNS Proxy option for displays for LAN, DMZ, or WLAN interfaces. To enable DNS Proxy on the interface, select the option. This option is not selected by default.
- Optionally, enable Asymmetric Route Support on the interface by selecting Enable Asymmetric Route Support. If enabled, the traffic initialized from this interface supports asymmetric routes, that is, the initial packet or response packet can pass through from other interfaces. This option is not selected by default.
- If configuring a TZ series firewall for a:
- LAN/DMZ/WLAN interface, go to Configuring Routed Mode.
- WAN interface, go to Step 15.
-
Optionally, select Link Aggregation or Port Redundancy from Redundant /Aggregate Ports. For more information see Configuring Link Aggregation and Port Redundancy.
-
To specify the largest packet size (MTU – maximum transmission unit) that a WAN interface can forward without fragmenting the packet, enter the size of the packets that the port receives and transmits in the Interface MTU field:
Standard packets (default) 1500 Jumbo frame packets 9000 Jumbo frame support must be enabled before a port can process jumbo frames, as explained in Policies Administration. Because of the jumbo frame packet buffer size requirements, jumbo frames increase memory requirements by a factor of 4.
-
Optionally, to fragment non-VPN outbound packets larger than the interface’s MTU, select Fragment non-VPN outbound packets larger than this Interface’s MTU. This option is selected by default. When selected, the following option becomes available.
Specify fragmentation of outbound VPN traffic in Advanced Settings.
- Optionally, to override the Do-not-fragment packet bit, select Ignore Don’t Fragment (DF) bit. This option is not selected by default.
- To block notification that the WAN interface can receive fragmented packets, select Do not send ICMP Fragmentation Needed for outbound packets over the Interface MTU. This option is not selected by default.
- If configuring bandwidth management for this interface, go to Enabling Bandwidth Management on an Interface.
- Click OK.
Was This Article Helpful?
Help us to improve our support portal