2. Management interfaces configuration

_images/MoteurDeDetectionOFF.png

The network configuration of the equipment is done from the 'Network' tab. :

_images/SPDR1.PNG

Regarding the GCap management interfaces, there are two: gcp0 & gcp1. The gcp0 interface is the interface used by data traveling through the IPsec tunnel to GCenter. The gcp1 interface is used by Probe administrators for a remote SSH connection. The function of gcp1 can be changed.

There are two connection architecture modes: using a single or two connection interfaces between the capture probe and the GCenter. From the 'Network' menu, one can select the desired architecture.

In this case, we decide to select the two interfaces to ensure the link between the probe and the GCenter.

_images/SPDR6.PNG
_images/PDRN6.png

You can do it with the following CLI command :

show network-config ssh
set network-config ssh gcp1

It is necessary to configure separately the network interfaces gcp0 and gcp1 from the respective tabs 'Interface gcp0 - VPN' and 'Gcp1 Interface - SSH'.

_images/SPDR7.PNG
_images/SPDR8.PNG

Network settings of the gcp0 VPN interface: _images/SPDR9.PNG

Network settings of the gcp1 SSH interface: _images/SPDR10.PNG

From 'Interface gcp0 - VPN' and 'Interface gcp1 - SSH', the IP addresses of the gcp0 and gcp1 interfaces, the subnet masks and the gateways are filled in. Note that the gateway (optional parameter) must be in the same network as the IP address of the GCap.

You can do it with the following CLI command :

show network-config [gcp0|gcp1]
set network-config gcp0 [ip-address|gateway|mask] [confirm] [no-reload]
set network-config gcp1 [ip-address|gateway|mask] [confirm] [no-reload]

Another possibility:

We decide to select a single interface to ensure the link between the probe and the GCenter. Alerts from the TRACKWATCH solution will pass through the same link as that of management.

_images/SPDR11.PNG_images/PDRN11.png

It is now necessary to configure the gcp0 network interface from the 'Interface gcp0 – VPN/SSH' where the gcp0 interface IP address, subnet mask and gateway are filled in.

_images/SPDR12.PNG_images/SPDR13.PNG

You can do it with the following CLI command :

show network-config gcp0
set network-config gcp0 [ip-address|gateway|mask] [confirm] <IP address|gateway|mask> [no-reload]
set network-config ssh gcp0