10.5.2. How does installer decide what address to use to connect to the firewall

Installer does not use the name of the firewall when it connects; it always uses the firewall's IP address. Installer starts by scanning interfaces of the firewall object looking for one that is marked as "Management interface" in the interface object dialog. Installer uses the address of this interface to connect. The Management interface checkbox looks this:

Figure 10.19. 

If your firewall has multiple addresses and you want to use the one that is not assigned to its interface in the fwbuilder object, then you can overwrite the address using the entry field in the "Installer" tab of the "Advanced" firewall object settings dialog, like this:

Figure 10.20. 

More about other input fields in this dialog below.

Finally, you can overwrite the address on a one-time basis just for a particular install session using the entry field in the installer options dialog. This is the same dialog where you enter your password:

Figure 10.21. 


This works for all supported firewall platforms: iptables on Linux, pf on OpenBSD and FreeBSD, ipfw on FreeBSD and Mac OS X, ipfilter on FreeBSD, Cisco IOS access lists, Cisco ASA (PIX), and so on. Regardless of the platform, the installer follows the rules described here to determine what address it should use to connect to the firewall.


Copyright © 2000-2012 NetCitadel, Inc. All rights reserved.
 Using free CSS Templates.