By default, Firewall Builder attempts to determine an interfaces function based on the name of the interface. For example, on Linux if an interface is named eth2.102 based on the interface name Firewall Builder will determine that the interface appears to be a VLAN interface with parent interface eth2 and VLAN ID 102.
If a user tries to create an interface with a name that doesn't match the expected patterns Firewall Builder will generate an error. For example, attempting to create the same eth2.102 interface from our previous example as an interface object directly under a firewall object Firewall Builder will generate the error shown in Figure 9.5.
If instead the eth2.102 interface were to be created as a child object under the eth2 interface then Firewall Builder would not generate the error since the VLAN interface eth2.102 should be a sub-interface of eth2. Note that in this case Firewall Builder will automatically set the interface type to VLAN and will set the VLAN ID to 102.
You can view and edit the interface type and VLAN ID by clicking the "Advanced Interface Settings ..." button in the editor panel of the interface. An example of the advanced settings for eth2.102, when created as a child interface of eth2, is shown in diagram Figure 9.6.
Sometimes you may want to override the default behavior where Firewall Builder expects interface names to follow a specific naming convention. To disable this feature, open the Firewall Builder preferences window, click the Objects tab and click the Interface sub-tab in the lower window. Uncheck the checkbox labeled "Verify interface names and autoconfigure their parameters using known name patterns".
In this mode, Firewall Builder will not auto-populate any fields, even if the interface name matches an expected pattern like eth2.102. All interface parameters, such as interface type and VLAN ID, must be configured manually.
Copyright © 2000-2012 NetCitadel, Inc. All rights reserved.
Using free CSS Templates.