Configuring the interfaces

The SMC server automatically displays the interfaces of your firewall in the Interfaces > Interfaces tab in the firewall's settings. You will then be able to configure them from a central point, or add them manually. For more information on interface configuration, refer to the Interfaces section in the Stormshield Network User Configuration Manual.

SMC makes it possible to configure the following network interfaces in IPv4:

  • Ethernet interfaces

  • Bridges

  • VLANs

  • Aggregates

    Two aggregation modes are possible - either LACP, which is the default mode, or Failover (only for SNS firewalls in version 4.3 and higher).

The interfaces that SMC does not support can also be retrieved in read-only mode (Wi-Fi, dialup, Loopback, GRETUN, GRETAP and USB/Ethernet). These interfaces are shown as Other interface in the grid.

They cannot be changed from SMC but can be used in the routing configuration.

When SMC retrieves the routes displayed in a firewall's Routing tab, the interfaces will also be retrieved automatically. If any interfaces were created on SMC but were not deployed, they will be overwritten when routes are retrieved.

When deploying the network configuration, the existing VLAN, aggregate and bridge interfaces on the firewall are not preserved. The network configuration deployed from the SMC server will overwrite the local configuration on the firewall.

  • Currently, configuration in IPv6 is not supported.

  • High availability: The network interfaces used for high availability links are shown on the SMC server but cannot be configured.

  • Monitoring: Currently interfaces cannot be monitored from the SMC server. To monitor the interfaces of a firewall, connect to the firewall in question.

  • Configuring modems: Currently, the Safety/Bypass mode is not supported.

  • For interfaces configured in DHCP, SMC does not display their values in detail.

  • Bridge: A bridge can be modified and deleted even if it contains interfaces that are not managed by the SMC server.

  • GRE/GRETAP interfaces are not supported. VLAN interfaces connected to a GRETAP are therefore not displayed on the SMC server.