Adding a secondary network

Adding a secondary network

A secondary network is a network on the same physical wire as a Firebox interface that has an address belonging to an entirely different network. Adding a secondary network to a Firebox interface maps an IP address from the secondary network to the IP address of the interface. This process is also known as adding an IP alias to the Firebox interface.

The secondary network IP address becomes the default gateway for all the machines on that network. Adding the secondary network also tells the Firebox that another network resides on the wire.

The Policy Manager does not verify that you have entered the correct address. Check secondary network addresses carefully. For example, WatchGuard recommends that you not enter a subnet on one interface that is part of a larger network on another interface.

The procedure for adding a network route to all three of the Firebox interfaces is identical. The description below is for a secondary network on the Optional interface. From Policy Manager:

1Select Network => Configuration.

2 Click the Optional tab.

3In the Secondary Networks section of the dialog box, enter the network address

in slash notation in the text box to the left of the Add button. Click Add.

The address appears in the Secondary Networks list.

Defining a network route

If you have router behind the Firebox, you need to define a network route. From Policy Manager:

1Verify that you are using the Advanced view of Policy Manager.

From Policy Manager, select View. Verify that the Advanced menu item has a checkmark in the box in front of it. If it doesn’t, click it.

2Select Network => Routes.

3 Click Add.

4 Enter the network address in slash notation.

5In the Gateway text box, enter the route gateway.

Be sure to specify a route IP address that is on the same network as the Firebox.

6Click OK.

The Setup Routes dialog box lists the newly configured network route.

7Click OK.

The route data is written to the configuration file.

38

Page 48
Image 48
WatchGuard Technologies FireboxTM System 4.6 Adding a secondary network, Defining a network route, Select Network = Routes