Configure a Layer 2 Interface, Subinterface, and VLAN
Table of Contents
10.1
Expand all | Collapse all
-
- Tap Interfaces
-
- Layer 2 and Layer 3 Packets over a Virtual Wire
- Port Speeds of Virtual Wire Interfaces
- LLDP over a Virtual Wire
- Aggregated Interfaces for a Virtual Wire
- Virtual Wire Support of High Availability
- Zone Protection for a Virtual Wire Interface
- VLAN-Tagged Traffic
- Virtual Wire Subinterfaces
- Configure Virtual Wires
- Configure an Aggregate Interface Group
- Configure Bonjour Reflector for Network Segmentation
- Use Interface Management Profiles to Restrict Access
-
- DNS Overview
- DNS Proxy Object
- DNS Server Profile
- Multi-Tenant DNS Deployments
- Configure a DNS Proxy Object
- Configure a DNS Server Profile
- Use Case 1: Firewall Requires DNS Resolution
- Use Case 2: ISP Tenant Uses DNS Proxy to Handle DNS Resolution for Security Policies, Reporting, and Services within its Virtual System
- Use Case 3: Firewall Acts as DNS Proxy Between Client and Server
- DNS Proxy Rule and FQDN Matching
-
- NAT Rule Capacities
- Dynamic IP and Port NAT Oversubscription
- Dataplane NAT Memory Statistics
-
- Translate Internal Client IP Addresses to Your Public IP Address (Source DIPP NAT)
- Enable Clients on the Internal Network to Access your Public Servers (Destination U-Turn NAT)
- Enable Bi-Directional Address Translation for Your Public-Facing Servers (Static Source NAT)
- Configure Destination NAT with DNS Rewrite
- Configure Destination NAT Using Dynamic IP Addresses
- Modify the Oversubscription Rate for DIPP NAT
- Reserve Dynamic IP NAT Addresses
- Disable NAT for a Specific Host or Interface
-
- Network Packet Broker Overview
- How Network Packet Broker Works
- Prepare to Deploy Network Packet Broker
- Configure Transparent Bridge Security Chains
- Configure Routed Layer 3 Security Chains
- Network Packet Broker HA Support
- User Interface Changes for Network Packet Broker
- Limitations of Network Packet Broker
- Troubleshoot Network Packet Broker
Configure a Layer 2 Interface, Subinterface, and VLAN
Configure Layer
2 Interfaces with VLANs when you want Layer 2 switching and
traffic separation among VLANs. You can optionally control non-IP
protocols between security zones on a Layer 2 interface or between
interfaces within a single zone on a Layer 2 VLAN.
- Configure a Layer 2 interface and subinterface and assign a VLAN ID.
- Selectand select an interface. TheNetworkInterfacesEthernetInterface Nameis fixed, such as ethernet1/1.
- ForInterface Type, selectLayer2.
- Select theConfigtab.
- ForVLAN, leave the settingNone.
- Assign the interface to aSecurity Zoneor create aNew Zone.
- ClickOK.
- With the Ethernet interface highlighted, clickAdd Subinterface.
- TheInterface Nameremains fixed. After the period, enter the subinterface number, in the range 1 to 9,999.
- Enter a VLANTagID in the range 1 to 4,094.
- Assign the subinterface to aSecurity Zone.
- ClickOK.
- Commit.ClickCommit.
- (Optional) Apply a Zone Protection profile with protocol protection to control non-IP protocol packets between Layer 2 zones (or between interfaces within a Layer 2 zone).