About Advanced Interface Settings

You can use several advanced settings for Firebox interfaces:

Network Interface Card (NIC) Settings

Configures the speed and duplex parameters for Firebox interfaces to automatic or manual configuration. We recommend you keep the link speed configured for automatic negotiation. If you use the manual configuration option, you must make sure the device the Firebox connects to is also manually set to the same speed and duplex parameters as the Firebox. Use the manual configuration option only when you must override the automatic Firebox interface parameters to operate with other devices on your network.

Set Outgoing Interface Bandwidth

When you use Traffic Management settings to guarantee bandwidth to policies, this setting makes sure that you do not guarantee more bandwidth than actually exists for an interface. This setting also helps you make sure the sum of guaranteed bandwidth settings does not fill the link such that non-guaranteed traffic cannot pass.

Enable QoS Marking for an Interface

Creates different classifications of service for different kinds of network traffic. You can set the default marking behavior as traffic goes out of an interface. These settings can be overridden by settings defined for a policy.

Set DF Bit for IPSec

Determines the setting of the Don’t Fragment (DF) bit for IPSec.

PMTU Setting for IPSec

(External interfaces only) Controls the length of time that the Firebox lowers the MTU for an IPSec VPN tunnel when it gets an ICMP Request to Fragment packet from a router with a lower MTU setting on the Internet.

Use Static MAC Address Binding

Uses computer hardware (MAC) addresses to control access to a Firebox interface.