To configure a network card for a static Ethernet connection to an internal or external network, you must configure the network card with an IP address and netmask.
To configure a static Ethernet interface, proceed as follows:
On the Interfaces tab, click New Interface.
The Add Interface dialog box opens.
Make the following settings:
Name: Enter a descriptive name for the interface.
Type: Select Ethernet from the drop-down list.
Hardware: Select an interface from the drop-down list.
Tip – For an external connection (e.g., to the Internet) choose the network card with SysID eth1.
Dynamic IP: Activate if you want to use a dynamic IP address.
IPv4/IPv6 address: Enter the IP address of the interface.
Netmask: Select a network mask (IPv4) and/or enter an IPv6 network mask.
IPv4/IPv6 default GW (optional): Select this option if you want to use a statically defined default gateway.
Default GW IP (optional): Enter the IP address of the default gateway.
Note – You can configure an interface to have an IPv4 and an IPv6 address simultaneously.
Comment (optional): Add a description or other information.
Optionally, make the following advanced settings:
Hostname: If your ISP requires to receive the hostname of your system, enter it here.
MTU: Enter the maximum transmission unit for the interface in bytes. You must enter a value fitting your interface type here if you want to use traffic management. A sensible value for the interface type is entered by default. Changing this setting should only be done by technically adept users. Entering wrong values here can render the interface unusable. An MTU size greater than 1500 bytes must be supported by the network operator and the network card (e.g., Gigabit interface). By default, an MTU of 1500 bytes is set for the Ethernet interface type.
Default route metric: Enter the default route metric for the interface. The metric value is used to distinguish and prioritize routes to the same destination and is valid for all interfaces.
Proxy ARP: To enable the function, select the checkbox. By default, the Proxy ARP function is disabled (Off).This option is available on broadcast-type interfaces. When you switch it on, Sophos UTM will "attract" traffic on that interface for hosts "behind" it and pass it on. It will do that for all hosts that it has a direct interface route for. This allows you to build "transparent" network bridging while still doing firewalling. Another use for this feature is when your ISP's router just puts your "official" network on its Ethernet interface (does not use a host route).
Asymmetric (optional): Select this option if your connection's uplink and downlink bandwidth are not identical and you want the Dashboard to reflect this. Then, two textboxes are displayed, allowing you to enter the maximum uplink bandwidth in either MB/s or KB/s. Select the appropriate unit from the drop-down list.
Displayed max (optional): Here you can enter the maximum downlink bandwidth of your connection, if you want the Dashboard to reflect it. The bandwidth can be given in either MB/s or KB/s. Select the appropriate unit from the drop-down list.
The system will now check the settings for validity. After a successful check the new interface will appear in the interface list. The interface is not yet enabled (toggle switch is gray).
Enable the interface.
Click the toggle switch to activate the interface.
The interface is now enabled (toggle switch is green). The interface might still be displayed as being Down. The system requires a short time to configure and load the settings. Once the Up message appears, the interface is fully operable.
To show only interfaces of a certain type, select the type of the interfaces you want to have displayed from the drop-down list. To either edit or delete an interface, click the corresponding buttons.
|© 2019 Sophos Limited
|Sophos UTM 9.600