Configure a Custom Interface

A custom interface enables you to define a custom security zone that is separate from the predefined trusted, optional, and external zones. A custom interface is not a member of the built-in aliases Any-Trusted, Any-Optional, or Any-External. Because a custom interface is not included in the built-in aliases, traffic for a custom interface is not allowed through the XTM device unless you specifically configure policies to allow it.

To configure a custom interface, the device must use Fireware XTM v11.9 or higher.

You can configure a physical interface, wireless interface, Bridge, VLAN, or Link Aggregation interface as a custom interface. When you configure an interface as a custom interface, the network settings you can configure are the same as for a trusted or optional interface.

These examples show how you can use a custom interface:

To configure a physical interface as a custom network interface:

  1. Select Network > Interfaces.

    The Network Interfaces dialog box appears.
  2. Select an interface and click Configure.

    The Interface Configuration dialog box appears.
  3. In the Interface Name (Alias) text box, you can use the default name or change it to one that more closely reflects your own network.

    Make sure the name is unique among interface names, and is not used for any Mobile VPN group names or tunnel names. You can use this alias with other features, such as proxy policies, to manage network traffic for this interface.
  4. (Optional) In the Interface Description text box, type a description of the interface.
  5. From the Interface Type drop-down list, select Custom.
  6. In the IP Address text box, type the IPv4 address in slash notation. For information about IP addresses to use for trusted and optional networks, see About Private IP Addresses.
  7. Configure other interface settings.
  8. Click Save.

To configure a wireless, VLAN, Bridge, or Link Aggregation interface as a custom interface, set the Interface Type to Custom, and configure all other settings as you would for a trusted or optional interface.

After you configure an interface as a custom interface, you must configure policies to allow traffic to and from the interface. You can edit the existing policies or create new policies that use the custom interface name. Or, you can create a new alias that includes multiple custom interfaces, and then use that custom alias in policies. For more information about aliases, see About Aliases.

See Also

Common Interface Settings

About Advanced Interface Settings

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base