Versions Compared

Old Version 7

changes.mady.by.user Panna .

Saved on

compared with

New Version 8

changes.mady.by.user Panna .

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Depending on your deployment and configuration choices,

Anchor
bookmark897
bookmark897
the Ethernet ports on the NIOS appliance perform different functions. The Ethernet ports that handle traffic on the NIOS appliance are as follows:

  • LAN1 port – A 10/100/1000-Mbps gigabit Ethernet port that connects the appliance to the network. This is the default port for single independent appliances, single Grid members, and passive nodes in HA pairs. You must use the LAN1 port to set up the appliance initially. It handles traffic for all management services if you do not enable the MGMT and LAN2 ports. The passive node in an HA pair uses this port to synchronize the database with the active node.
  • LAN2 port – A 10/100/1000-Mbps gigabit Ethernet port that connects the appliance to the network. The LAN2 port is not enabled by default. You can enable the LAN2 port and define its use through the GUI after the initial setup. By default, the appliance uses the LAN1 port (and HA port when deployed in an HA pair). To enable and configure the LAN2 port, you must have read/write permission to the Grid member on which you want to enable the port. The LAN2 port is available on the TE-810, TE-820, TE-1410, TE-1420, TE-2210, TE-2220, and IB-4010 appliances. For information about how to use the LAN2 port, see Using the LAN2 Port.
  • HA port – A 10/100/1000-Mbps gigabit Ethernet port through which the active node in an HA (high availability) pair connects to the network using a VIP (virtual IP) address. HA pair nodes also use their HA ports for VRRP (Virtual Router Redundancy Protocol) advertisements.
  • MGMT port – A 10/100/1000-Mbps gigabit Ethernet port that you can use for appliance management or DNS service. You can enable the MGMT port and define its use through the GUI after the initial setup. If the MGMT port is enabled, the NIOS appliance uses it for management services (see bookmark906 22249600 for specific types).

You can do the following on some of the Ethernet ports, depending on your network requirements and configurations:

  • Assign VLANs (Virtual LANs) to the LAN1 and LAN2 ports so that NIOS can provide DNS service to different subnetworks on the same interface. For more information about VLANs, see bookmark899 22249600.
  • Implement DiffServ (Differentiated Services) on the appliance by configuring the DSCP (Differentiated Services Code Point) value. For more information about DiffServ and DSCP, see bookmark901 bookmark901 22249600 22249600

Anchor
Enabling GUI and API Access on the MGMT
Enabling GUI and API Access on the MGMT
Anchor
bookmark898
bookmark898
Enabling GUI and API Access on the MGMT and LAN1/VIP Ports

...

You can assign VLANs (Virtual Local Area Networks) to the LAN1, LAN2, and VIP (for HA pairs) interfaces so the appliance can provide DNS service to different subnetworks on the same interface. You can also configure VLANs interfaces on supported Network Insight appliances and use them exclusively for discovery purposes. VLANs are independent logical networks that are mutually isolated on the interface so that IP packets can pass between them through one or more switches or routers. You can assign VLANs to provide segmentation services to address issues such as scalability, security, and network management. For example, you can partition your network into segments such as DHCP address allocation, DNS service, guest network, and DMZ (demilitarized zone) to achieve a higher level of security and to increase performance by limiting broadcast domains. You can also add quality of service schemes to optimize your network traffic on the VLAN trunk links by configuring the DSCP (Differentiated Services Code Point) value for the corresponding physical and virtual interfaces. For information about DSCP, see bookmark901 bookmark901 22249600 22249600.

...

Note: When you configure VLANs on the following Network Insight appliances: ND-1400, ND-1405, ND-2200, ND-2205, ND-4000, ND-V1400 ND-V1405, ND-V2200, and ND-V2205, the VLAN interfaces are used exclusively for discovery. You cannot bind other services on these VLAN interfaces of the supported Network Insight appliances. For more information about Network Insight, see About Network Insight.

...

VLANs and VLAN tagging are supported on both IPv4 and IPv6 transports. This feature is currently supported on the following Infoblox appliances: Trinzic 1410, 1415, 1420, 1425, 2210, 2215, 2220, 2225, Infoblox-4010, Infoblox-4030-Rev1, Infoblox-4030-Rev2, Infoblox-4030-10G, PT-1400, PT-1405, PT-2200, PT-2205, PT-4000, PT-4000-10GE, TE-1410, TE-1420, TE-1415, and TE-1425. VLAN tagging is not supported on TE-100, TE-810, TE-815, TE-820, and TE-825. For more information about VLAN support for an Infoblox-4030 appliance, refer to the DNS Cache Acceleration Application Guide. For information about these appliances, refer to the respective installation guides on the Infoblox Support web site at http://www.infoblox.com/support.
Currently, only the DNS service can listen on specific VLAN interfaces. The DHCP service listens only on the primary VLAN interface (tagged or untagged). You can also specify VLANs as the source port for sending DNS queries and notify messages. For information about how to configure these, see Specifying Port Settings for DNS.
Additional VLAN support is available exclusively for discovery on the following Network Insight appliances: ND-1400, ND-1405, ND-2200, ND-2205, ND-4000, ND-V1400, ND-V1405, ND-V2200, and ND-V2205. Binding other services on
the VLAN interfaces of the Network Insight appliances is not supported.

...

When you first set up a NIOS appliance, you can assign VLANs through the Grid Setup Wizard. For more information, see Using the Setup Wizard. After the initial setup, you can assign VLANs to the LAN1 or LAN2 ports in the Required Ports and Addresses table, as described in bookmark908 22249600.
On a Grid member, you can assign up to 10 VLANS for each protocol (IPv4 or IPv6) on the LAN1 and LAN2 ports. You can assign up to 10 IPv4 VLAN addresses and 10 IPv6 VLAN addresses for each interface. You can configure only IPv4 VLAN addresses for an IPv4 Grid member and only IPv6 VLAN addresses for an IPv6 Grid member, but for a dual mode Grid member you can configure both IPv4 and IPv6 VLAN addresses.
To assign additional VLANs to the LAN1 or LAN2 port, complete the following:

  1. From the Grid tab, select the Grid Manager tab -> Members tab -> Grid_member check box, and then click the Edit icon.
  2. Select the Network -> Basic tab in the Grid Member Properties editor.
  3. In the Additional Ports and Addresses table, click the Add icon and select either MGMT (IPv4), MGMT (IPv6), LAN2 (IPv4), LAN2 (IPv6), Additional Address (loopback) (IPv4), Additional Address (loopback) (IPv6), LAN1 (VLAN)(IPv4), LAN1 (VLAN)(IPv6), LAN2 (VLAN)(IPv4) or LAN2 (VLAN)(IPv6) from the drop-down list. You can add up to 10 IPv4 and 10 IPv6 VLANs for each interface. Note that you can configure only IPv4 VLAN addresses for an IPv4 Grid member and only IPv6 VLAN addresses for an IPv6 Grid member, but for a dual mode Grid member you can configure both IPv4 and IPv6 VLAN addresses.
    • MGMT (IPv4): Select this to configure IPv4 address for MGMT port. Note that the Infoblox-4030 appliance supports a /32 configuration for IPv4 on MGMT and supports multi-interface only when both LAN1 and MGMT are on the same subnet.
    • MGMT (IPv6): Select this to configure IPv6 address for MGMT port. Note that Infoblox-4030 appliance supports a /128 prefix configuration for IPv6 on MGMT and supports multi-interface only when both LAN1 and MGMT are on the same subnet.
    • LAN2 (IPv4): Select this to configure IPv4 address for the LAN2 port for DHCP or DNS. Note that Infoblox-4030 appliance supports a /32 configuration for IPv4 on LAN2 and supports multi-interface only when both LAN1 and LAN2 are on the same subnet. This is not applicable to Trinzic 100 appliance.
    • LAN2 (IPv6): Select this to configure IPv6 address for the LAN2 port for DHCP or DNS. Note that Infoblox-4030 appliance supports a /128 prefix configuration for IPv6 on LAN2 and supports multi-interface only when both LAN1 and LAN2 are on the same subnet. This is not applicable to Trinzic 100 appliance.
    • Additional Address (loopback) (IPv4): Select this to add a non-anycast IPv4 address to the loopback interface. Note that you can configure this for IPv4 and dual mode Grid member.
    • Additional Address (loopback) (IPv6): Select this to add a non-anycast IPv6 address to the loopback interface. Note that you can configure this for IPv6 and dual mode Grid member.
    • LAN1 (VLAN) (IPv4): Select this to add a VLAN to the LAN1 interface. You can add up to 10 IPv4 VLAN addresses. Note that you can configure this for IPv4 and dual mode Grid member. This is supported on Trinzic 2210, 2215, 2220, 2225, Infoblox-1410, Infoblox-4010, Infoblox-4030-Rev1, Infoblox-4030-Rev2, Infoblox-4030-10G, PT-1400, PT-1405, PT-2200, PT-2205, PT-4000, and PT-4000-10GE appliances. VLAN tagging is not supported on TE-100, TE-810, TE-815, TE-820, TE-825, and vNIOS virtual appliances.
    • LAN1 (VLAN) (IPv6): Select this to add a VLAN to the LAN1 interface. You can add up to 10 IPv4 and 10 IPv6 VLAN addresses. Note that you can configure this for IPv6 and dual mode Grid member. This is supported on Trinzic 2210, 2215, 2220, 2225, Infoblox-1410, Infoblox-4010, Infoblox-4030-Rev1, Infoblox-4030-Rev2, Infoblox-4030-10G, PT-1400, PT-1405, PT-2200, PT-2205, PT-4000, and PT-4000-10GEappliances.
    • LAN2 (VLAN) (IPv4): Select this to add a VLAN to the LAN2 interface. You can add up to 10 IPv4 VLAN addresses. Note that you can configure this for IPv4 and dual mode Grid member. This is supported on Trinzic 2210, 2215, 2220, 2225, Infoblox-1410, Infoblox-4010, Infoblox-4030-Rev1, Infoblox-4030-Rev2, Infoblox-4030-10G, PT-1400, PT-1405, PT-2200, PT-2205, PT-4000, and PT-4000-10GE appliances.
    • LAN2 (VLAN) (IPv6): Select this to add a VLAN to the LAN2 interface. You can add up to 10 IPv6 VLAN addresses. Note that you can configure this for IPv6 and dual mode Grid member. This is supported on Trinzic 2210, 2215, 2220, 2225, Infoblox-1410, Infoblox-4010, Infoblox-4030-Rev1, Infoblox-4030-Rev2, Infoblox-4030-10G, PT-1400, PT-1405, PT-2200, PT-2205, PT-4000, and PT-4000-10GE appliances.
  4. Enter the following:
    • Interface: Displays the name of the VLAN interface. This can be LAN1 (VLAN)(IPv4), LAN1 (VLAN)(IPv6), LAN2 (VLAN)(IPv4), or LAN2 (VLAN)(IPv6) depending on your selection. You cannot modify this.
    • Address: Type the IP address for the VLAN port.
    • Subnet Mask (IPv4) or Prefix Length (IPv6): For IPv4 address, specify an appropriate subnet mask and for IPv6 address, specify the prefix length. The prefix length ranges from 2 to 127, with common-sense values ranging from /48 to /127 due to the larger number of bits in the IPv6 address.
    • Gateway: Type the IPv4 or IPv6 default gateway address for the VLAN port depending on the type of interface. For IPv6 interface, you can also type Automatic to enable the appliance to acquire the IPv6 address of the default gateway and the link MTU from router advertisements.
      You can now define a link-local address as the default IPv6 gateway and isolate the LAN segment so the local router can provide global addressing and access to the network and Internet. This is supported for both LAN1 and LAN2 interfaces as well as LAN1 and LAN2 in the failover mode.
    • VLAN Tag: Enter the VLAN tag or ID. You can enter a number from 1 to 4094. Ensure that you configure the corresponding switch accordingly. For information about VLANs, see bookmark899 22249600.
    • Port Settings: For IPv4 only. From the drop-down list, choose the connection speed that you want the port to use. You can also choose the duplex setting. Choose Full for concurrent bidirectional data transmission or Half for data transmission in one direction at a time. Select Automatic to instruct the NIOS appliance to negotiate the optimum port connection type (full or half duplex) and speed with the connecting switch automatically. This is the default setting. You cannot configure port settings for vNIOS appliances.
    • DSCP Value: Displays the Grid DSCP value, if configured. To modify, click Override and enter the DSCP value. You can enter a value from 0 to 63. For information about DSCP, see bookmark901 bookmark901 22249600 22249600.
  5. Save the configuration and click Restart if it appears at the top of the screen.

...

You can override the Grid and member DSCP value at the interface level. For more information, see the following:

...

This section provides tables that detail the port usage and source and destination ports for different services, depending on your Grid configuration.
bookmark904 22249600 displays the type of traffic per port for both Grid and independent deployments.

Anchor
bookmark904
bookmark904
Table 8.3 Appliance Roles and Configuration, Communication Types, and Port Usage

...


To see the service port numbers and the source and destination locations for traffic that can go to and from a NIOS appliance, see bookmark906 22249600. This information is particularly useful for firewall administrators so that they can set policies to allow traffic to pass through the firewall as required.

...

Service

SRC IP

DST IP

Proto

SRC
Port

DST Port

Notes

Key Exchange (Member Connection)LAN1 or MGMT on all Grid members (including Grid Master and Grid Master Candidate)
VIP on HA Grid Master Candidate, or LAN1 on single
Grid Master Candidate		VIP on HA Grid Master, or LAN1 on single Grid Master
VIP on HA Grid Master Candidate, or LAN1 on single Grid Master Candidate		17 UDP21142114Initial key exchange for
establishing VPN
tunnels
Required for Grid

Key Exchange (Grid Master Candidate Promotion)

VIP on HA Grid Master, or LAN1 on single Grid Master


VIP on HA Grid Master Candidate or LAN1 on Single Grid Master Candidate

applianceLAN1 or MGMT on all Grid members (including Grid Master and Grid Master Candidate)

17 UDP

2114

2114


Accounting

LAN1 or MGMT on Grid memberVIP on HA Grid Master, or LAN1 on single Grid Master
VIP on HA Grid Master Candidate, or LAN1 on single
Grid Master Candidate		17 UDP1194 or
5002, or 1024
-> 63999		1194 or
5002, or
1024 ->
63999

Default VPN port 1194 for Grids with new DNSone 3.2 installations and 5002 for Grids upgraded to DNSone 3.2; the port number is configurable

Required for Grid

Network Insight VPNLAN1 or LAN2 on ProbesLAN1 or LAN2 on ConsolidatorUDP11941194All default VPN tunnels for Network Insight
DiscoveryLAN1 or LAN2 on Probes
UDP
161SNMP

Discovery

LAN1 or LAN2 on Probes


UDP


260

SNMP - Needed for full discovery of some older Check Point models

Discovery

LAN1 or LAN2 on Probes


ICMP


n/a

Ping Sweep

Discovery

LAN1 or LAN2 on Probes


UDP, TCP


53

DNS

Discovery

LAN1 or LAN2 on Probes


ICMP



Path Collection, for IPv4 addresses

Discovery

LAN1 or LAN2 on Probes


UDP


33434+1
per probe packet

Path Collection. Standard traceroute, for IPv6 addresses

Discovery

LAN1 or LAN2
on Probes


ICMP, UDP, TCP



Port scan - all configured by us

Discovery

LAN1 or LAN2 on Probes


UDP


137

NetBIOS

Discovery

LAN1 or LAN2 on Probes


UDP


40125

NMAP, UDP Ping, and credential checking








Discovery

LAN1 or LAN2
on Probes


TCP


23

Telnet can be used based on Network Insight configuration for Network Discovery.

Discovery

LAN1 or LAN2
on Probes


TCP


22

SSH can be used based on Network Insight configuration for Network Discovery.

DHCP

Client

LAN1, LAN2, VIP, or broadcast on NIOS appliance

17 UDP

68

67

Required for IPv4 DHCP service

DHCP

LAN1, LAN2 or VIP on NIOS appliance

Client

17 UDP

67

68

Required for IPv4 DHCP service

DHCP

Client

LAN1, LAN2, VIP, or broadcast on NIOS appliance

17 UDP

546

547

Required for IPv6 DHCP service

DHCP

LAN1, LAN2 or VIP on NIOS appliance

Client

17 UDP

547

546

Required for IPv6 DHCP service

DHCP Failover

LAN1, LAN2 or VIP on Infoblox DHCP failover peer

LAN1, LAN2 or VIP on Infoblox DHCP failover peer

6 TCP

1024 → 65535

519, or 647

Required for DHCP failover

DHCP Failover

VIP on HA Grid Master or LAN1 or LAN2 on single master

LAN1, LAN2 or VIP on Grid member in a DHCP failover pair

6 TCP

1024 ->
65535

7911

Informs functioning Grid member in a DHCP failover pair that its partner is down

Required for DHCP failover

DDNS Updates

LAN1, LAN2, or VIP

LAN1, LAN2, or VIP

17 UDP

1024 → 65535

53

Required for DHCP to send DNS dynamic updates

DNS Transfers

LAN1, LAN2, VIP, or MGMT, or client

LAN1, LAN2, VIP, or MGMT

6 TCP

53, or
1024 ->
65535

53

For DNS zone transfers, large client queries, and for Grid members to communicate with external name servers

Required for DNS

DNS Queries

Client

LAN1, LAN2, VIP, or broadcast on NIOS appliance

17 UDP

53, or 1024 → 65535

53

For DNS queries

Required for DNS

DNS Queries

Client

LAN1, LAN2, VIP, or broadcast on NIOS appliance

6 TCP

53, or 1024 → 65535

53

For DNS queries

Required for DNS

NTP

NTP client

LAN1, LAN2, VIP, or MGMT

17 UDP

1024 ->
65535

123

Required if the NIOS appliance is an NTP server

NTP

NTP client

LAN1, LAN2, VIP, or MGMT

17 UDP

1024 ->
65535

123

Required if the NIOS appliance is an NTP server. On an HA member, the NTP service runs on the active node. If there is an HA failover, the NTP service is automatically launched after the passive node becomes active and the NTP traffic uses the LAN2, VIP, or MGMT port on one of the nodes from an HA pair, instead of the LAN1 port. During another HA failover, the currently passive node becomes active again and the NTP traffic uses the LAN1 port, and the NTP is back in synchronization.

RADIUS Authentication

NAS (network access server)

LAN1 or VIP

17 UDP

1024 – 65535

1812

For proxying RADIUS Authentication-Requests. The default destination port number is 1812, and can be changed to 1024 – 63997. When configuring an HA pair, ensure that you provision both LAN IP addresses on the RADIUS server.

RADIUS Accounting

NAS (network access server)

LAN1 or VIP

17 UDP

1024 – 65535

1813

For proxying RADIUS Accounting-Requests. The default destination port number is 1813, and can be changed to 1024 – 63998.

RADIUS Proxy

LAN1 or VIP

RADIUS home server

17 UDP

1814

1024 ->
63997
(auth), or 1024 ->
63998
(acct)

Required to proxy requests from RADIUS clients to servers. The default source port number is 1814, and although it is not configurable, it is always two greater than the port number for RADIUS authentication.

ICMP Dst Port Unreachable

VIP, LAN1, LAN2, or MGMT,
or UNIX-based client

LAN1, LAN2, or
UNIX-based client

1 ICMP
Type 3

Required to respond to the UNIX-based traceroute tool to determine if a destination has been reached

ICMP Echo Reply

VIP, LAN1, LAN2, or MGMT, or client

VIP, LAN1, LAN2, or MGMT, or client

1 ICMP Type 0

Required for response from ICMP echo request (ping)

ICMP Echo Request

VIP, LAN1, LAN2, or MGMT,
or client

VIP, LAN1, LAN2, or
MGMT, or client

1 ICMP
Type 8

Required to send pings and respond to the Windows-
based traceroute tool

ICMP TTL
Exceeded

Gateway device (router or firewall)

Windows client

1 ICMP
Type 11

Gateway sends an ICMP TTL exceeded message to a Windows client, which then records router hops along a data path

NTP

LAN1 on active node of Grid Master or LAN1 of independent appliance

NTP server

17 UDP

1024 ->
65535

123

Required to synchronize Grid, TSIG authentication, and DHCP failover

Optional for synchronizing logs among multiple appliances

SMTP

LAN1, LAN2, or VIP

Mail server

6 TCP

1024 → 65535

25

Required if SMTP alerts are enabled

SNMP

NMS (network management system) server

VIP, LAN1, LAN2, or MGMT

17 UDP

1024 → 65535

161

Required for SNMP management

SNMP Traps

MGMT or LAN1 on Grid Master or HA pair, or LAN1 on independent appliance

NMS server

17 UDP

1024 -> 65535

162

Required for SNMP trap management.
Uses MGMT (when enabled) or LAN1 on Grid Master or HA pair, or LAN1 on independent appliance for the source address, depending on the destination IP address.

SSHv2

Client

LAN1, LAN2, VIP, or MGMT on NIOS
appliance

6 TCP

1024 ->
65535

22

Administrators can make an SSHv2 connection to the LAN1, LAN2, VIP, or MGMT port

Optional for management

Syslog

LAN1, LAN2, or MGMT of NIOS appliance

syslog server

17 UDP

1024 → 65535

514

Required for remote syslog logging

Traceroute

LAN1, LAN2, or UNIX-based appliance

VIP, LAN1, LAN2, or MGMT, or client

17 UDP

1024 → 65535

33000 → 65535

NIOS appliance responds with ICMP type code 3 (port unreachable)

TFTP Data

LAN1 or MGMT

TFTP server

17 UDP

1024 → 65535

69, then 1024 → 63999

For contacting a TFTP server during database and configuration backup and restore operations

VRRP

HA IP on the active node of HA pair

Multicast address 224.0.0.18

112
VRRP

802


For periodic announcements of the availability of the HA node that is linked to the VIP. The nodes in the HA pair must be in the same subnet.

HTTP

Management System

VIP, LAN1, or MGMT

6 TCP

1024 ->
65535

80

Required if the HTTP-redirect option is set on the Grid properties security page

HTTPS/SSL

Management System

VIP, LAN1, or MGMT

6 TCP

1024 → 65535

443

Required for admini

Anchor
bookmark907
bookmark907
stration through the GUI

Reporting

Reporting Forwarders

LAN1, LAN2, or MGMT on the indexer

6 TCP

1024 -
65535

9997

Required for the reporting service. Communication is single directional from forwarders to the indexer. For example, a forwarder detects events and forwards them to the indexer.

Reporting - Peer Replication

All Reporting Members

LAN1, LAN2, MGMT on each reporting member

TCP

1024 - 65535

7887

Splunk cluster peer replication (traffic among reporting members)

Distributed Search

All Reporting Members

LAN1, LAN2, MGMT on each reporting member

TCP

1024 - 65535

7089

Distributed searches from Search Head to Reporting Members

Reporting Management

All Reporting Members

LAN1, LAN2, MGMT on each reporting member

TCP

1024 - 65535

8089

Grid Master to reporting members

Reporting Management

All Reporting Members

LAN1, LAN2, MGMT on each reporting member

TCP – IPv4

1024 - 65535

8000

Grid Master to reportingmembers

Reporting Management

All Reporting Members

LAN1, LAN2, MGMT on each reporting member

TCP – IPv6

1024 - 65535

8000

Grid Master to reporting members

Threat Protection

VIP on HA Grid Master or MGMT on single appliance (with threat protection service running)

N/A (using FQDN = https://ts.infoblox.c)

HTTPS

N/A

443

For threat protection rule updates.

Threat Insight

Client

N/A (using FQDN = https://ts.infoblox.co)

HTTPS

N/A

443

For downloading module set and whitelist updates.

Microsoft ManagementManaging MemberMicrosoft ServerTCP1024 - 65535

135, 445
Dynamic
Port Range
1025-5000 (Windows Server
2003)

Dynamic Port Range 49152-65535 (Windows Server 2008)

Note that TCP ports 135
and 445 must be open
on the Microsoft server,
in addition to the
dynamic port range.
Ports 135 and 445 are
used by the port
mapper interface,
which is a service on
the Microsoft server
that provides
information to clients
on which port to use to
connect to a specific
service, such as the
service that allows the
management of the
DNS service.

...

  1. From the Grid tab, select the Grid Manager tab -> Members tab -> Grid_member check box, and then click the Edit icon.
    Note: You must enable the MGMT port before modifying its port settings. See Using the MGMT Port.
  2. In the Network tab of the Grid Member Properties editor, the Required Ports and Addresses table lists the network settings that were configured. This table lists the network settings of LAN1(IPv4) interface for an IPv4 member and LAN1(IPv6) interface for an IPv6 member. For a dual mode Grid member, this table lists the settings for both LAN1(IPv4) and LAN1(IPv6) interfaces. Complete the following to modify port settings:
    • Interface: Displays the name of the interface. You cannot modify this.
    • Address: Click the field and modify the IP address for the LAN1 port, which must be in a different subnet from that of the LAN2 and HA ports.
    • Subnet Mask (IPv4) or Prefix Length (IPv6): For IPv4 address, click the field and specify an appropriate subnet mask and for IPv6 address, specify the prefix length.
    • Gateway: Click the field and modify the default gateway for the LAN1 port.
    • VLAN Tag: Click the field and enter the VLAN tag ID if the port is configured for VLANs. You can enter a number from 1 to 4095. For information about VLAN, see bookmark899 22249600.
    • Port Settings: From the drop-down list, choose the connection speed that you want the port to use. You can also choose the duplex setting. Choose Full for concurrent bidirectional data transmission or Half for data transmission in one direction at a time. Select Automatic to instruct the NIOS appliance to negotiate the optimum port connection type (full or half duplex) and speed with the connecting switch automatically. This is the default setting. You cannot configure port settings for vNIOS appliances.
    • DSCP Value: Displays the Grid DSCP value. To modify, click Override and enter the DSCP value. You can enter a value from 0 to 63. For information about DSCP, see bookmark901bookmark901 2224960022249600
  3. Save the configuration and click Restart if it appears at the top of the screen.

...