IMPORTANT
SNS 3.x versions have reached End of Maintenance since July 1st, 2024.
We recommend that you update your SNS firewalls to a version with maintenance to guarantee the protection of your infrastructure.
Modifying a USB/Ethernet interface
A USB/Ethernet interface is automatically created whenever a HUAWEI 4G USB modem that supports the HiLink feature is connected to the firewall and then configured.
The parameters of this type of interface can be modified by selecting it in the left section of the window. A tab will appear:
NOTE
A second USB/Ethernet interfaces cannot be added.
“Configuration of the interface” tab
| Name (mandatory) |
Name associated with the USB/Ethernet interface (see warning in the introduction of the Interfaces section). |
| Comments |
Allows you to enter comments regarding the interface. |
| Color |
Color assigned to the interface. |
| This interface is |
An interface can either be “internal (protected)” or “external (public)”.
If you select “internal (protected)”, you are indicating that this interface is protected. This protection includes the memorization of machines that have logged on to this interface, conventional traffic security mechanisms (TCP) and implicit rules for services offered by the firewall such as DHCP (see the section Implicit rules). Protected interfaces are represented by a shield (
If you select “external (public)”, you are indicating that this part of the network is linked up to the internet. In most cases, the external interface, linked up to the internet, has to be in external mode. The shield icon disappears when this option is selected. |
).Modem parameters
| USB modem |
This field allows selecting the modem's automatic detection mode or one of the customized profiles created earlier. |
Address range
| Dynamic IP (obtained by DHCP) |
The assigned IP address can be matched to a domain name via a DNS service provider (dyndns.org for example) in order to contact this firewall without having to know its IP address. This option is used when your firewall does not have a static IP address (e.g., your service provider, or DHCP renews its IP address regularly).
This feature can be enabled by selecting a dynamic DNS account that you would have configured earlier. The configuration of dynamic DNS clients is explained further in the document Dynamic DNS module.
This field allows specifying to the firewall that the configuration of the bridge (IP address and mask) is defined by DHCP. In this case, the “DHCP” zone in the Advanced properties tab will be enabled. |
| Fixed IP (static) |
By selecting this option, the interface will have a static address range. In this case, its IP address and the mask of the sub-network to which the interface belongs, have to be indicated. |
Here, several associated IP addresses and network masks may be defined for the same interface (the need to create aliases, for example). These aliases may allow you to use this Stormshield Network firewall as a central routing point. As such, a USB/Ethernet interface can be connected to various sub-networks with a different address range. To add or remove them, simply use the Add and Delete buttons located above the fields in the table.
Several IP addresses (aliases) can be added in the same address range on an interface. In this case, these addresses must all have the same mask. Reloading the network configuration will apply this mask on the first address and a mask /32 on the following addresses.