You can configure the Interface settings for each Edge model. Each Interface on an Edge can be a Switch Port (LAN) or a Routed (WAN) Interface.
The Interface Settings options vary based on the Edge model. For more information on different Edge models and deployments, see Configure Device Settings.
Procedure
- In the Enterprise portal, click Configure > Profiles.
- Click the Device Icon next to a profile, or click the link to the profile, and then click the Device tab.
- Scroll down to the Device Settings section, which displays the existing Edge models in the Enterprise.
- Click the DOWN arrow next to an Edge model to view the Interface Settings for the Edge.
The Interface Settings section displays the existing interfaces available in the selected Edge model.
- Click the Edit option for an Interface to view and modify the settings.
- The following image shows the Switch Port settings of an Interface.
You can modify the existing settings as follows:
Option Description Interface Enabled This option is enabled by default. If required, you can disable the Interface. When disabled, the Interface is not available for any communication. Capability For a Switch Port, the option Switched is selected by default. You can choose to convert the port to a routed Interface by selecting the option Routed from the drop-down list. Mode Select the mode of the port as Access or Trunk port. VLANs For an Access port, select an existing VLAN from the drop-down list. For a Trunk port, you can select multiple VLANs and select an untagged VLAN.
L2 Settings Autonegotiate This option is enabled by default. When enabled, Auto negotiation allows the port to communicate with the device on the other end of the link to determine the optimal duplex mode and speed for the connection. Speed This option is available only when Autonegotiate is disabled. Select the speed that the port has to communicate with other links. By default, 100 Mbps is selected. Duplex This option is available only when Autonegotiate is disabled. Select the mode of the connection as Full duplex or Half duplex. By default, Full duplex is selected. MTU The default MTU size for frames received and sent on all switch interfaces is 1500 bytes. You can change the MTU size for an Interface. Click Update to save the settings. - The following image shows the Routed Interface settings.
You can modify the existing settings as follows:
Option Description Interface Enabled This option is enabled by default. If required, you can disable the Interface. When disabled, the Interface is not available for any communication. Capability For a Routed Interface, the option Routed is selected by default. You can choose to convert the Interface to a Switch Port by selecting the option Switched from the drop-down list. Segments By default, the configuration settings are applicable to all the segments. Addressing Type By default, DHCP is selected, which assigns an IP address dynamically. If you select Static or PPPoE, you should configure the addressing details for each Edge. WAN Overlay By default, this option is enabled with Auto-Detect Overlay. You can choose the User Defined Overlay and configure the Overlay settings. For more information, see Configure Edge WAN Overlay Settings. OSPF This option is enabled only when you have configured OSPF for the Profile. Select the checkbox and choose an OSPF from the drop-down list. Click toggle advance ospf settings to configure the Interface settings for the selected OSPF. For more information on OSPF settings, see Enable OSPF. VNF Insertion You must disable WAN Overlay and enable Trusted Source to allow VNF insertion. When you insert the VNF into Layer 3 interfaces or sub-interfaces, the system redirects traffic from the Layer 3 interfaces or subinterfaces to the VNF. Multicast This option is enabled only when you have configured multicast settings for the Profile. You can configure the multicast settings for the selected Interface. For more information, see Configure Multicast Settings at the Interface Level. RADIUS Authentication You must disable WAN Overlay to configure RADIUS Authentication. Select the checkbox to enable RADIUS Authentication on the Interface and add the MAC addresses that should not be forwarded to RADIUS for re-authentication. For more information, see Enabling RADIUS on a Routed Interface. Advertise Select the checkbox to advertise the Interface to other branches in the network. ICMP Echo Response Select the checkbox to enable the Interface to respond to ICMP echo messages. You can disable this option for the Interface, for security purposes. NAT Direct Traffic Select the checkbox to apply NAT to the network traffic sent from the Interface. Underlay Accounting This option is enabled by default. If a private WAN overlay is defined on the Interface, all underlay traffic traversing the interface will be counted against the measured rate of the WAN link to prevent over-subscription. If you do not want this behavior (for example, while using one-arm deployments), disable the option. Trusted Source Select the checkbox to set the Interface as a trusted source. Reverse Path Forwarding You can choose an option for Reverse Path Forwarding (RPF) only when you have enabled Trusted Source. This option allows traffic on the interface only if return traffic can be forwarded on the same interface. This helps to prevent traffic from unknown sources like malicious traffic on an enterprise network. If the incoming source is unknown, then the packet is dropped at ingress without creating flows. Select one of the following options from the drop-down list: - Disabled – Allows incoming traffic even if there is no matching route in the route table.
- Specific – This option is selected by default, even when the Trusted Source option is disabled. The incoming traffic should match a specific return route on the incoming interface. If a specific match is not found, then the incoming packet is dropped. This is a commonly used mode on interfaces configured with public overlays and NAT.
- Loose – The incoming traffic should match any route(Connected/Static/Routed) in the routing table. This allows asymmetrical routing and is commonly used on interfaces that are configured without next hop.
Note: Reverse Path Forwarding (RPF) defaults to Specific mode when Trusted Source is disabled.VLAN Enter a VLAN ID for the Interface to support VLAN tagging over the port. L2 Settings Autonegotiate This option is enabled by default. When enabled, Auto negotiation allows the port to communicate with the device on the other end of the link to determine the optimal duplex mode and speed for the connection. Speed This option is available only when Autonegotiate is disabled. Select the speed that the port has to communicate with other links. By default, 100 Mbps is selected. Duplex This option is available only when Autonegotiate is disabled. Select the mode of the connection as Full duplex or Half duplex. By default, Full duplex is selected. MTU The default MTU size for frames received and sent on all routed interfaces is 1500 bytes. You can change the MTU size for an Interface. Cell Settings – This cellular related configuration option is only available for Edge models that support cellular connectivity, such as Edge 510-LTE and Edge 610-LTE. SIM PIN Text box for a PIN number used to unlock the SIM card. Network Drop-down menu displaying the following available networks: AT&T, Sprint, Verizon, or Other network. APN Name of optional carrier specific Access point. Username Optional username provided by the carrier. Password Optional password provided by carrier. SFP Settings – This option is available only for Edge models that support SFP ports. SFP Module By default, Standard is selected. You can select DSL as the module to use the SFP port with higher bandwidth services. DSL Settings – The option to configure Digital Subscriber Line (DSL) settings is available when you select the SFP module as DSL. Mode Choose the DSL mode from the following options: - VDSL2 – This option is selected by default. Very-high-bit-rate digital subscriber line (VDSL) technology provides faster data transmission. The VDSL lines connect service provider networks and customer sites to provide high bandwidth applications over a single connection.
When you choose VDSL2, select the Profile from the drop-down list. Profile is a list of pre-configured VDSL2 settings. The following profiles are supported: 17a and 30a.
- ADSL2/2+ – Asymmetric digital subscriber line (ADSL) technology is part of the xDSL family and is used to transport high-bandwidth data. ADSL2 improves the data rate and reach performance, diagnostics, standby mode, and interoperability of ADSL modems. ADSL2+ doubles the possible downstream data bandwidth.
If you choose ADSL2/2+, configure the following settings:
- PVC – A permanent virtual circuit (PVC) is a software-defined logical connection in a network such as a frame relay network. Choose a PVC number from the drop-down list. The range is from 0 to 7.
- VPI – Virtual Path Identifier (VPI) is used to identify the path to route the packet of information. Enter the VPI number, ranging from 0 to 255.
- VCI – Virtual Channel Identifier (VCI) defines the fixed channel on which the packet of information should be sent. Enter the VCI number, ranging from 35 to 65535.
- PVC VLAN – Set up a VLAN to run over PVCs on the ATM module. Enter the VLAN ID, ranging from 1 to 4094.
GPON Settings – The option to configure Gigabit Passive Optical Network (GPON) settings is available when you select the SFP module as GPON. GPON Settings Configure the GPON mode settings: - Subscriber Location ID Mode – Choose the mode of the Subscriber Location ID from the following options:
- ASCII – Allows up to 10 ASCII characters.
- HEX – Allows up to 20 Hexadecimal characters.
- Subscriber Location ID – Enter the location ID according to the selected mode.
- Some of the Edge models support Wireless LAN. The following image shows WLAN Interface settings.
You can modify the settings as follows:
Option Description Interface Enabled This option is enabled by default. If required, you can disable the Interface. When disabled, the Interface is not available for any communication. VLAN Choose the VLAN to be used by the Interface. SSID Enter the wireless network name. Select the Broadcast checkbox to broadcast the SSID name to the surrounding devices.
Security Select the type of security for the Wi-Fi connection, from the drop-down list. The following options are available: - Open – No security is enforced.
- WPA2 / Personal – A password is required for authentication. Enter the password in the Passphrase field.
- WPA2 / Enterprise – A RADIUS server is used for authentication. You should have already configured a RADIUS server and selected it for the Profile and Edge.
To configure a RADIUS server, see Configure Authentication Services.
To select the RADIUS server for a Profile, see Configure Authentication Settings.
What to do next
When you configure the Interface Settings for a Profile, the settings are automatically applied to the Edges that are associated with the profile. If required, you can override the configuration for a specific Edge as follows:
- In the Enterprise portal, click Configure > Edges.
- Click the Device Icon next to an Edge, or click the link to an Edge and then click the Device tab.
- In the Device tab, scroll down to the Interface Settings section, which displays the interfaces available in the selected Edge.
- Click the Edit option for an Interface to view and modify the settings.
- Select the Override Interface checkbox to modify the configuration settings for the selected Interface.