Adding Secondary Networks

When you add a secondary network to a Firebox interface, you indicate that there is another logical network on that interface. To add a secondary network to a Firebox interface, you add another IP address and subnet mask to that Firebox interface. The IP address you add to the Firebox comes from the secondary network. The IP address you use for the Secondary Network IP address must not be assigned to any other host on that network. The secondary network IP address tells the Firebox that there is one more network on the Firebox interface.

To use the Policy Manager to configure a secondary network:

Click Network > Configuration.

The Network Configuration dialog box appears.

Click the Secondary Networks tab.

The Secondary Networks tab appears.

Use the drop-down list in the lower part of the dialog box to select the interface to which the secondary network connects.
Type an IP address from the secondary network in the text box adjacent to the drop-down list. Use slash notation to show the subnet mask. Because this IP address is assigned to the Firebox interface, it must not be assigned to any other computer on the secondary network.

When you type an IP addresses, type all the numbers, the dots, and the slash. Do not use the TAB or arrow key. For more information on how to type the IP address, refer to "Enter the IP addresses" on page 38.

Note: Be careful to add secondary network addresses correctly. The Policy Manager does not tell you if the address is correct. WatchGuard recommends that you do not enter a subnet on one interface that is a component of a larger network on a different interface. If you do this, spoofing can occur and the network can not operate correctly.

Return to Top