Infinity CHECK POINT 1100 Administration Manual page 66

Appliances centrally managed

Hide thumbs Also See for CHECK POINT 1100:

Administration manual (122 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

Table of Contents

To edit a physical interface:

Configure the fields in the tabs. Note that for the DMZ there is an additional tab Access Policy:

Configuration tab

•

Assigned to - Select the required option:

•

Unassigned - The physical interface is not part of any network and cannot be used.

•

One of the existing configured switches or bridges

•

Separate network - When selecting a separate network configure this information:

IP address



Subnet mask



DHCP Server settings



Select one of the options:

Enabled - Enter the IP address range and if necessary the IP address exclude range.

The appliance's own IP address is automatically excluded from this range. You can also

exclude or reserve specific IP addresses by defining network objects in the Users &

Objects > Network Objects page. Reserving specific IP addresses requires the MAC

address of the device.

Relay - Enter the DHCP server IP address.

Disabled

Note - When you create a switch, you cannot remove the first interface inside unless you delete

the switch.

Advanced tab

The options that are shown vary based on interface type and status. Configure the options that are

applicable:

•

Description - Enter an optional description. The description is shown in the local network table

next to the name.

•

MTU size - Configure the Maximum Transmission Unit size for an interface. Note that in the

Check Point Appliance, the value is global for all physical LAN and DMZ ports.

•

Disable auto negotiation - Select this option to manually configure the link speed of the

interface.

•

Override default MAC address – This option is for local networks except those on VLANs and

wireless networks. Use this option to override the default MAC address of the network's

interface, when the device has two separate local networks connected to the same external

switch.

Best Practice - This is a rare configuration. Do not select this option unless you are sure you

need it.

Note - This option is not supported in 1100 appliances.

•

Exclude from DNS proxy – Select this checkbox for any network that you do not want exposed

to internal domains. In guest VAPs (wireless network for guests), this is selected by default.

Access Policy tab (only for DMZ)

These options create automatic rules that are shown in the Access Policy > Firewall Policy page.

Allow access from this network to local networks

•

Log traffic from this network to local networks

Check Point 1100/1200R/1400 Appliances Centrally Managed Administration Guide R77.20.70

Appliance Configuration

Table of Contents

Need help?

Do you have a question about the CHECK POINT 1100 and is the answer not in the manual?

This manual is also suitable for:

Check point 1200r Check point 1400 L-50 L-50d L-50w L-50wd ... Show all

Infinity CHECK POINT 1100 Administration Manual page 66

Need help?

Related Manuals for Infinity CHECK POINT 1100

This manual is also suitable for:

Table of Contents