1. Home
    2. WildFire
    3. WildFire® Administrator’s Guide
    4. Set Up and Manage a WF-500 Appliance
    5. Configure the VM Interface on the WF-500 Appliance
    Previous
    Next
    This section describes the steps required to configure the VM interface on the WF-500 appliance using the Option 1 configuration detailed in the Virtual Machine Interface Example. After configuring the VM interface using this option, you must also configure an interface on a Palo Alto Networks firewall through which traffic from the VM interface is routed as described in Connect the Firewall to the WF-500 Appliance VM Interface.
    By default, the VM interface has the following settings:
    IP Address: 192.168.2.1 Netmask: 255.255.255.0 Default Gateway: 192.168.2.254 DNS: 192.168.2.254
    If you plan on enabling this interface, configure it with the appropriate settings for your network. If you do not plan on using this interface, leave the default settings. Note that this interface must have network values configured or a commit failure will occur.
    Configure the VM Interface
    Set the IP information for the VM interface on the WF-500 appliance. The following settings are used in this example: IPv4 address - 10.16.0.20/22 Subnet Mask - 255.255.252.0 Default Gateway - 10.16.0.1 DNS Server - 10.0.0.246 The VM interface cannot be on the same network as the management interface (MGT). Enter configuration mode: admin@WF-500> configure Set the IP information for the VM interface: admin@WF-500# set deviceconfig system vm-interface ip-address 10.16.0.20 netmask 255.255.252.0 default-gateway 10.16.0.1 dns-server 10.0.0.246 You can only configure one DNS server on the VM interface. As a best practice, use the DNS server from your ISP or an open DNS service.
    Enable the VM interface. Enable the VM interface: admin@WF-500# set deviceconfig setting wildfire vm-network-enable yes Commit the configuration: admin@WF-500# commit
    Test connectivity of the VM interface. Ping a system and specify the VM interface as the source. For example, if the VM interface IP address is 10.16.0.20, run the following command where ip-or-hostname is the IP or hostname of a server/network that has ping enabled: admin@WF-500> ping source 10.16.0.20 host ip-or-hostname For example: admin@WF-500> ping source 10.16.0.20 host 10.16.0.1
    (Optional) Send any malicious traffic that the malware generates to the Internet. The Tor network masks your public facing IP address, so the owners of the malicious site cannot determine the source of the traffic. Enable the Tor network: admin@WF-500# set deviceconfig setting wildfire vm-network-use-tor Commit the configuration: admin@WF-500# commit
    Connect the Firewall to the WF-500 Appliance VM Interface.
    Previous
    Next

    Related Documentation

    Configure the WF-500 Appliance

    Configure the WF-500 Appliance This section describes the steps required to integrate a WF-500 appliance into a network and perform basic setup. Configure the WF-500 ...

    Upgrade a WF-500 Appliance

    Upgrade a WF-500 Appliance Use the following workflow to upgrade the WF-500 appliance operating system. The appliance can only use one environment at a time ...

    Enable Local Signature and URL Category Generation

    Enable Local Signature and URL Category Generation The WF-500 appliance can generate signatures locally based on the samples received from connected firewalls and the WildFire ...

    Set Up and Manage a WF-500 Appliance

    Set Up and Manage a WF-500 Appliance This topic describes how to configure a WF-500 appliance in order to host a WildFire® private cloud to ...

    Connect the Firewall to the WF-500 Appliance VM Interface

    Connect the Firewall to the WF-500 Appliance VM Interface The following example workflow describes how to connect the VM interface to a port on a ...

    Set Up the WF-500 Appliance VM Interface

    Set Up the WF-500 Appliance VM Interface The virtual machine interface (vm-interface) provides external network connectivity from the sandbox virtual machines in the WF-500 appliance ...

    Set Up WF-500 Appliance Content Updates

    Set Up WF-500 Appliance Content Updates Configure daily content updates for the WF-500 appliance. WF-500 content updates provide the appliance with threat intelligence to facilitate ...

    set deviceconfig system vm-interface

    set deviceconfig system vm-interface Description The vm-interface is used by malware running on the WF-500 appliance virtual machine sandbox to access the Internet. Activating this ...

    About the WF-500 Appliance

    About the WF-500 Appliance The WF-500 appliance provides an on-premises WildFire private cloud, enabling you to analyze suspicious files in a sandbox environment without requiring ...

    WF-500 Appliance Software CLI Concepts

    WF-500 Appliance Software CLI Concepts This section introduces and describes how to use the WF-500 appliance software command line interface (CLI): WF-500 Appliance Software CLI ...

    © 2019 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo