2.3.16. Network Management


2.3.16.1. Configuring Interface


2.3.16.1.1. Interface default value

In the default settings, any value is not specified.
Port 2 is an interface to be used by the user.
Port 1 is reserved as a required port to offer this menu, and it isn't displayed.

2.3.16.1.2. Items required for interface configuration

The following items are required for interface configuration.

Item

Value

Description

Port Port[2]

Port No. will be shown. For the WAF feature, Port 2 is shown; this cannot be edit.

Enable Port

✔ (Check)

Check for entering parameters.
All values that you have entered will be deleted if you uncheck.
IP Address [CIDR] XXX.XXX.XXX.XXX/24
Enter an IP address being allocated to a port.
Enter the IP address made of that for the Network Id and Subnet Id selected below.
Subnet mask should be entered in CIDR format.
MTU Size 1280-9000 [byte]
Specify the relevant MTU Size for the interface.
Its default value is 1500 bytes.
Network Id

(select from the list)

Select a Network Id which you want to use from your network list.

Subnet Id

(select from the list)

Select a Subnet Id which you want to use from the list of available subnets on the selected network.

Port Id

(Auto-Assign)

This will be automatically assigned when the settings are applied; this cannot be edit.

Note

  • If routing is already set up, you can not disable the Enable Port setting. You must disable the Enable Port setting after deleting the routing configuration. The same is true when changing the IP address of the interface to a different subnet, and it is necessary to execute the interface configuration after deleting the routing setting.

  • If you create a logical network name under specific conditions, the created network will not be displayed. When creating a logical network, see here  .


2.3.16.1.3. Prohibited IP address

The following IP addresses cannot be used for interfaces, routes, objects, or lists.
When using any of the IP addresses below are used, operations may not performed properly.
  • 100.65.0.0/16
  • 100.66.0.0/15
  • 100.68.0.0/14
  • 100.72.0.0/14
  • 100.76.0.0/15
  • 100.78.0.0/16
  • 100.80.0.0/13
  • 100.88.0.0/15
  • 100.91.0.0/16
  • 100.92.0.0/14
  • 100.126.0.0/15

2.3.16.1.4. Preparing the required settings

  1. When clicking [ WAF Port Management ] that is shown in the [ Network Management ] section, the detailed screen of [ Network Management ] will be opened.
    トップ画面

  1. To enable the user network information to be referred to, click and select the device to be set, and then click [ Get Network Info ].
    Port Management

  1. [ Task Status ] is displayed. When completed normally, the task status of “Get Network Info” turns green. Click [x] to close the window.
    Task Status 3

  1. On the WAF Port Management screen, click [ Manage Interfaces ].
    デバイス選択

  1. Select "Port2" by clicking, and click [ Edit ].
    Manage Interfaces

  1. By checking [ Enable Port ], you can enter values required for the settings.
    ポート設定

  1. Enter the setting values, and click [ Save ]. This action only would not apply the settings to the device.
    ポート設定保存

Important

Please make sure to enter the value for "IP Address[CIDR]" in CIDR format as the following example shows.

e.g.)
192.168.2.100/24
[IP Address]+[/]+[Subnet]

After making the port settings, apply those with the procedures described in the following section "Applying the settings".

2.3.16.1.5. Applying the settings

  1. When the necessary port settings have been made, click [ Apply Now ] on the Manage Interfaces screen. It takes some times for completing.
    ポート設定適用

  1. [ Task Status ] is displayed. When completed normally, all statuses turn green. Click [x] to close the window.
    タスクステータス1

  1. When a problem occurs (when the status is "red") This will be displayed. Please refer to : ref:` interface - error` .
    タスクステータス2


2.3.16.1.6. In case of correcting and retrying made on the setting values

Important

If the applying process is interrupted before the error is corrected, the user’s Managed WAF will keep its status being in shutdown, unconnected, no updated setting. Please make sure to check the details of the error and correct it before all tasks are completed.

Occurrence of an error results in display like this in [ Task Status ].
実行ステータス2

If [ Task Status ] has been closed, an error is indicated by [ Status ] of Port Management, and the buttons of Get Network Info and Manage Interface are disabled until the problem is solved.
ステータスエラー

As clicking on any space where the status and message are displayed, task histories appear.
In the task histories, the status of a process having an error is indicated with red-color, and the error details will be partially shown in the details column.
Click the [ ☰ (status detail indication) ] button located at the right-end of the table.
ステータス詳細表示

Regarding an error occurrence task, the [ Continue Task ] button is displayed to the right of Details.
実行ステータス

Clicking the [ Continue Task ] button causes the problematic setting screen to be displayed. Refer to the message in Details and correct the setting values.
In the example here, the message says "Below IP Address/MTU inputs are Not OK. Please correct the values before running the Process again. IP Address 192.168.0.100 is not in CIDR format." and indicates the error is caused because the IP address wasn't written in CIDR format. Rewrite the IP address in CIRD format such as "192.168.0.100/24" and retry by clicking [ Apply Now ].
実行ステータス2

Backing to the task status screen, and the applying process will be retried. The error status (indicated with red-color) will be retained as a history.
実行ステータス3

Please wait until the last task is completed normally.
実行ステータス4

2.3.16.1.7. Status, task and actions required for correcting errors

Here is the descriptions of task status.

Task color

 

Task status

Gray

(grey)

Unimplemented task

Blue

(blue)

Task in progress

Green

(green)

Task completed normally

Red

(red)

Task with error


The table below shows task name, description and action required for correcting errors. If you have any task having an error, please take appropriate actions such as making inquiries, correcting values and retrying.

Task name

Task description

Action required in case of error occurrence (red-color)

Verify IP Address , MTU Inputs

The allocated IP address (CIDR) will be verified.

An error was detected through verification of the IP address (CIDR). Check the input value, make corrections, and retry.If this task turns red and a message "Subnet xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx(ID number) does not exist." is displayed, there is a possibility that the latest network information could not be obtained, please inform us via the Enterprise Cloud 2.0 ticket system.
Stop Ping Monitoring

Ping Monitoring is temporarily halted before application of the port setting.

When temporary halt of Ping Monitoring fails, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Stop the WAF
When the setting applying process is started, your Managed WAF will be shutdown temporally. (It will kept being shutdown until the Start the WAF task is completed.)
An error occurred on the shutdown process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Wait for WAF Ping unreachability from MSA

Your Managed WAF's connectivity termination will be checked.

An error occurred on the connection verification process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Delete Ports

To apply the setting, delete the port firstly.

An error occurred on the deleting the ports, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Create Ports

New ports will be created.

An error occurred on the port create process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Attach Ports

The created ports will be attached.

An error occurred on the port attachment process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Start the WAF

Your Managed WAF will be booted.

An error occurred on the starting process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Wait for WAF Ping Reachability from MSA

Your Managed WAF's connectivity will be checked.

An error occurred on the connection verification process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Wait for WAF SSH Connectivity from MSA

Your Management WAF's SSH connectivity will be checked.

An error occurred on the SSH process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Update WAF

Your Managed WAF settings will be refreshed.

An error occurred on the configuration updating process, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Device Backup

Save the changed settings to the system.

An error occurred on the system, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.
Start Ping Monitoring

Ping Monitoring is resumed after application of the port setting.

When resume Ping Monitoring fails, the indicator turns red. Please retry after 10 minutes or so. In case the error failed to be corrected, please inform us via the Enterprise Cloud 2.0 ticket system.

Note

  • If the applying process is interrupted before the error is corrected, the user’s Managed WAF will keep its status being in shutdown, unconnected, no updated setting.

  • If problems occur, refer to the above table and implement necessary measures.


2.3.16.2. Device Stop / Start

It is a procedure to stop or start the customer's WAF.

On the WAF Port Management screen, click [ Stop/Start WAF ].
StopStart1

Since the Stop / Start WAF screen is displayed, click [ Run Now ].
StopStart2

The Tasks status screen is displayed. It does not start automatically after stop. "Pause" turns yellow.
If you want to start the device, click [ Continue Task ].
StopStart TaskStatus1
If "Pause" is yellow and the task status is closed, you can restart from "Live Console".

Since the Stop / Start WAF screen is displayed, click [ Run Now ].
StopStart TaskStatus2

"Pause" turns green and device startup starts. Please wait until "Start Ping Monitoring" turns green.
StopStart TaskStatus3

Close the Tasks status screen with [x].

2.3.16.3. Other functions

Status
From the [ Network Management ] control panel, open the [ WAF Port Management ] screen and click [ Status ] to display the job histories of Manage Interfaces and Refresh Interfaces.

Port Management2


By clicking the relevant item's detailed status icon on the job histories screen, its task status screen will be shown.

ステータス画面


In this job histories, tasks having any error (in red-color) are remained. By retrying after error corrections, you can see the status of those tasks have been proceeded appropriately (in green-color).

タスク履歴


Live Console
From the [ Network Management ] control panel, open the [ ** [WAF Port Management] ** ] screen and click [ Live Console ] to open the [ Task Status ] screen directly.

ライブコンソール


Details
From the [ Network Management ] control panel, open the [ ** [WAF Port Management] ** ] screen and click [ Details ] to switch whether the lower-section of the screen is or isn't displayed.

詳細表示


Dashboard
From the [ Network Management ] control panel, open the [ ** [WAF Port Management] ** ] screen. By click [ Dashboard ], histories of process and status will be shown with graphs.

ダッシュボード表示


On the Dashboard screen, you can select either [ Past a week ] or [ Past a month ].
To go back to the previous screen, click [ ** [WAF Port Management] ** ] shown at the left-side pane.

プロセスタイムライン


Narrowing down display
Devices to be displayed can be narrowed down by inputting a device name into the Search field shown by selecting [ Network Management ] - [ WAF Port Management ]. The numeric value shown for Max rows indicates the number of lines for display. After finishing input and changes, move the cursor outside the field (the Enter key does not serve for execution).
search_device

2.3.16.4. Ping Execution

Ping Execution is a function that allows you to perform Ping from your Managed Firewall, UTM or WAF to a specific IP address. You can also confirm the results.

At the [ Network Management ] pane, click [ Ping Execution ].
Ping Execution

Click [ Execute Ping ].
Execute Ping

At the [ Device Id ] field, select a target device which you want to execute Ping on. Enter the destination IP address, and click [ Run Now ].
Execute Ping

When it is proceeded, its result comes.
Ping Status

At [ Live Console ], you can check details of the result.
Tasks status