2.2.18.1. Single Configuration Network Management¶
2.2.18.1.1. Interface setting¶
2.2.18.1.1.1. The default State : "Interface"¶
By default, any interface has been set up.
Port 4 - 10 are interfaces available for the customers.
Port 1-3 are not shown because they are reserved as necessary ports for this menu.
2.2.18.1.1.2. Setting Items : "Interface"¶
Following are the setting items as describes below:
Items |
Values |
Descriptions |
|---|---|---|
| Port | Port [ 4 - 10 ] |
Port number is shown; yet, the user cannot edit. |
| Enable Port | "✔" (Marking to the checkbox) |
Marking to the "Enable Port" box allows you to input the parameter.
On the other hand, once you have unmarked to the checkbox, your input value will disappear.
|
| IP Address [CIDR] | XXX.XXX.XXX.XXX/24 | Input IP Address being assigned to the port.
You need to specify any IP address from the range of IP address on Subnet ID & Network ID selected as described below:
Subnet masks need to be input in the CIDR format.
|
| MTU Size | 100-9000 [byte] | The user can specify the interface's MTU size.
Default value is 1500 bytes.
|
Network ID |
(Select from the list) |
Select any Network ID you want to use from your Network list. |
Subnet ID |
(Select from the list) |
Select a specific Subnet ID from the available Subnet list in your selected Logical Network. |
Port ID |
(Auto-Assign) |
Once the new settings has been applied, a new Port ID will be automatically assigned to the relevant port. NOTE: You are NOT allowed to edit the Port ID. |
Note
In case the user employs VRRP for the other device used in a pair, it is necessary to set different VRRP ID for it.
If you create a logical network name under specific conditions, the created network will not be displayed. When creating a logical network, See here .
2.2.18.1.1.3. Prohibited IP address¶
The IP addresses below are not available for Interface, Routing, Address Objects, Destination NAT and Source NAT.
If these IP addresses are used, the operation may cause some error.
- 100.65.0.0/16
- 100.66.0.0/15
- 100.68.0.0/14
- 100.72.0.0/14
- 100.76.0.0/15
- 100.78.0.0/16
- 100.80.0.0/13
- 100.88.0.0/15
- 100.91.0.0/16
- 100.92.0.0/14
- 100.126.0.0/15
2.2.18.1.1.4. Preparing for the New Settings.¶
- Click [WORKFLOWS] -> [Workflow] -> [UTM Port Management] to open the interface setting details screen.For Single Configuration, the [ Cluster Port Management ] and [ Cluster Route Management ] are not used.
- To enable the user network information to be referred to, click and select the device to be set, and then click [ Get Network Info ].
- The Task Status is displayed. When the Get Network Info task turns green, it is successful. Click [Close] to close it.
- Click the target device being setting to be selected, then click [ Manage Interface ] .
- Select the target port for setting, then click "Edit".
- By marking the check box for the [ Enable Port ], the user can input the setting value.
Input the setting value, and click [ Save ]. Please remind that this action itself does not apply the saved data to the device.
Note
The [ IP Address[CIDR] ]should be input in the CIDR style as the example below shows.
Example:
192.168.2.100/24
[IP Address]+[/]+[Subnet]
Once you have prepared for the port settings, please apply for the new settings accordingly by the procedure of "Applying configuration".
2.2.18.1.1.5. Applying the new Settings¶
The setting applying process is common to Single Configuration and HA Configuration.
- Once you have prepared a port being utilized, click [ NOW RUN ] at the Manage Interface screen.
- [ Task Status ] is displayed.
Following describes respective task statuses.Task Colors
Task Statuses
"Blue"
Processing Task
"Green"
Task normally completed
"Red"
Task with Unknown-Issue.
- When completed normally, all statuses turn green. Click [x] to close the window.
2.2.18.1.1.6. Task Status and Error (Red) Solution¶
Note
Any error (status in red color) occurred at the timing of interface setting applying may effect on the user's communication. Please make sure to check the details of the error and correct it before all tasks are completed.
Occurrence of an error results in display like this in [ Task Status ].
If [ Task Status ] has been closed, an error is indicated by [ Status ] of Port Management, and the buttons of Get Network Info and Manage Interface are disabled until the problem is solved.
If clicking the area which show [ Status ] and [ Message ], the history is displayed. On the history, the status of an error occurrence process turns red, and part of the error information is displayed in [ Details ] area.
To recover from the error, click [ Status Detail Display ] at the right end, followed by display of [ Task Status ].
Regarding an error occurrence task, the [ Continue Task ] button is displayed to the right of Details.
Clicking the [ Continue Task ] button causes the problematic setting screen to be displayed. Refer to the message in Details and correct the setting values.
In the example above where "Below IP Address / MTU inputs are Not OK. Please correct the values before running the Process again. IP Address XXX.XX.XX.XX is not in CIDR format." is shown, click the [ Continue Task ] button, correct the IP address, and then click [ Run Now ] again.
Note
In the case of the example above, the error message was brought as IP Address[CIDR] was not written in the CIDR style.
The [ IP Address[CIDR] ]should be input in the CIDR style as the example below shows.
Example:
192.168.2.100/24
[IP Address]+[/]+[Subnet]
Click [ Run Now ] after your updating settings, then "Tasks Status" screen will get back. [ Applying Configuration ] will resume.
Please wait for a moment until the last task is normally completed.
Click [ × ] at the [ Task Status ] screen.
About tasks status: when any status become red, check its task name (status), details and necessary actions for incident occurrence by referring to the table below. Then, execute retry.
Note
If the applying process is interrupted before the error is corrected, the user's Managed Firewall/UTM will keep its status being in shutdown, unconnected and/or no updated setting.
In case the error failed to be corrected by retrying, please inform us via the Enterprise Cloud 2.0 ticket system.
Task Name |
Task Description |
Necessary Action for Incident Occurrence (Red Status) |
|---|---|---|
| Verify IP Address Inputs | Verify the IP address (CIDR) intending to be set. |
An error was detected through verification of the IP address (CIDR). Check the input value, make corrections, and retry. If this task turns red and a message "Subnet xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx(ID number) does not exist." is displayed, there is a possibility that the latest network information could not be obtained, please inform us via the Enterprise Cloud 2.0 ticket system.
|
| Stop Ping Monitoring | Ping Monitoring is temporarily halted before application of the port setting. |
When temporary halt of Ping Monitoring fails, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
| Stop the UTM | When starting the setting applying process, the user's Managed Firewall/UTM is temporally shutdown. (It will keep being in shutdown until the Start the UTM task is completed.)
|
An error occurred on the shutdown process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
Wait for UTM Ping Reachability from MSA. |
Confirm the connection status of the user's Managed Firewall/UTM. |
An error occurred on the connection verification process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
| Delete Ports | Ports will be deleted in order to apply the settings. |
An error occurred on the deleting the ports, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
| Create Ports | Create new ports. |
An error occurred on the port create process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
| Attach Ports | Attach the created ports. |
An error occurred on the port attachment process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
| Start the UTM | Start the user's Managed Firewall/UTM. |
An error occurred on the starting process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
Wait for UTM Ping Reachability from MSA. |
Confirm the connection status of the user's Managed Firewall/UTM. |
An error occurred on the connection verification process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
| Verify License Validity | Check the validity of the license. |
If it turns red, there is a problem with the license. Please apply again after about 10 minutes. If the problem persists, please contact us at Enterprise Cloud 2.0 Ticket System.
|
| Update UTM (Interfaces) | Update configuration of Managed Firewall / UTM interfaces. |
An error occurred on the configuration updating process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
| Device Backup | Save the changed settings to the system. |
An error occurred on the system, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
| Start Ping Monitoring | Ping Monitoring is resumed after application of the port setting. |
When temporary halt of Ping Monitoring fails, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
|
Confirm all tasks have been completed normally (becoming green status.)
2.2.18.1.2. Device Stop / Start¶
It is a procedure to stop or start the customer's Managed FW/UTM of single configuration plan.
On the UTM Port Management screen, click [ Stop/Start UTM ].
Since the Stop / Start UTM screen is displayed, click [ Run Now ].
The task status screen is displayed. It does not start automatically after Stop. [Pause] turns orange.
If you want to start the device, click [ Continue Task ].
If [Pause] remains orange and you close the task status, you can resume it from the [Live Console].
Since the Stop / Start UTM screen is displayed, click [ Run Now ].
"Pause" turns green and device startup starts. Please wait until "Start Ping Monitoring" turns green.
Close the Tasks status screen with [x].
2.2.18.1.3. Other Features¶
Status
Click [Status] on the [WORKFLOWS] -> [Workflow] -> [UTM Port Management] screen to display the execution history of Manage Interfaces and Refresh Interfaces.
At the history screen, when you click [ task status ], the [ Task Status ] screen will display, showing the history of executed tasks.
Live Console
You can open [Task Status] directly by clicking [Live Console] on the [WORKFLOWS] -> [Workflow] -> [UTM Port Management] screen.
Details
Click [Details] on the [WORKFLOWS] -> [Workflow] -> [UTM Port Management] screen to show or hide the section below.
Dashboard
Click the dashboard on the [WORKFLOWS] screen to see a graph of process and status history.
On the Dashboard, the user can choose either [ a week ago ] or [ a month ago ].
To return to the original screen, click [Workflow] -> [UTM Port Management].
Narrowing down display
You can narrow down the devices to be displayed by entering the device name in the search of [WORKFLOWS] -> [Workflow] -> [UTM Port Management].
2.2.18.1.4. Ping Execution¶
In [Ping Execution] , customer can ping to any IPaddress from customer's Managed Firewall/UTM/WAF instance.
Click [WORKFLOWS] -> [Workflow] -> [Ping Execution].
Click on [Execute Ping].
Select Ping target device by [Device ID] and input target IPaddress, then click [Execute Now].
Once Ping is completed, the result will appear.
Detail of result can be checked at [Live Console].
2.2.18.1.5. Device Config Export¶
[Device Config Export] can output the contents set by Device Management to the CSV file for each device.
Click [WORKFLOWS] -> [Workflow] -> [Device Config Export].
Click [Export Config].
Select target device by [Device ID] , and click [ Run Now ].
The [Task Status] is displayed. When the Export Config task turns green, it is completed normally. Click [Close] to close it.
For the created file, you can check it at Document .
Note
By reloading the browser it will be reflected in Document .
Please refer to Document about how to download documents.
For information on how to read the created file, please see How to read the export file .
Note
The contents set with Network Management are not output.