Installation guide
72
Chapter 8 Configuring Master Engines and Virtual Layer 2 Firewalls
4. (Interface for Hosted Virtual Layer 2 Firewall communications only) Define the Physical
Interface properties as explained in the table below.
Table 8.2 Physical Interface Properties for Hosted Virtual Layer 2 Firewall Communications
Options Explanation
Interface ID
The Interface ID automatically maps to a Physical Interface of the same
number during the initial configuration of the engine, but the mapping
can be changed as necessary through the engine’s command line
interface.
Type
Select Inline Interface or Capture Interface as the Interface Type for
hosted Virtual Layer 2 Firewall communications.
Second Interface ID
(Inline Interface only)
Select a Second Interface ID for the Inline Interface. The Interface ID is
mapped to a Physical Interface during the initial configuration of the
engine.
Bypass Unspecified VLANs
(Inline Interface only)
When this option is not selected, the Master Engine blocks traffic from
VLANs that are not allocated to any Virtual Layer 2 Firewall. Select this
option to make the Master Engine bypass traffic from VLANs that are not
allocated to any Virtual Layer 2 Firewall without inspection. We
recommend that you keep this option deselected if you do not have a
specific reason to select it.
Virtual Resource
The Virtual Resource associated with the interface. Select the same
Virtual Resource in the properties of the Virtual Layer 2 Firewall element
to add the Virtual Layer 2 Firewall to the Master Engine.
Only one Virtual Resource can be selected for each Physical Interface. If
you want to add multiple Virtual Resources, add VLAN Interfaces to the
Physical Interface and select the Virtual Resource in the VLAN Interface
properties as explained in Adding VLAN Interfaces for Master Engines
(page 74).
Allow VLAN Definition in
Virtual Engine (Optional)
Select this option to allow VLAN Interfaces to be added to the
automatically created Physical Interfaces in the Virtual Layer 2 Firewall
that is associated with this interface.
Virtual Engine Interface ID
Select the Interface ID of the Physical Interface in the Virtual Layer 2
Firewall that is associated with this interface.
Second Interface ID
(Inline Interface only)
Select the second Interface ID of the Inline Interface in the Virtual Layer
2 Firewall that is associated with this interface.
Throughput (kbps)
(Optional, Inline Interface
only)
Enter the maximum throughput for Virtual Layer 2 Firewalls that use this
interface as kilobits per second (for example, 2048). The same
throughput is automatically applied to any VLANs created under this
Physical Interface. See Adding VLAN Interfaces for Master Engines
(page 74).