Cisco Cisco Firepower Management Center 4000
7-2
FireSIGHT System User Guide
Chapter 7 Setting Up an IPS Device
Configuring Passive Interfaces
Caution
Changing the maximum transmission unit (MTU) interrupts traffic on the device. The range within
which you can set the MTU can vary depending on the FireSIGHT System device model and interface
type. See
which you can set the MTU can vary depending on the FireSIGHT System device model and interface
type. See
for more information.
To configure a passive interface:
Access:
Admin/Network Admin
Step 1
Select
Devices > Device Management
.
The Device Management page appears.
Step 2
Next to the device where you want to configure the passive interface, click the edit icon (
).
The Interfaces tab appears.
Step 3
Next to the interface you want to configure as a passive interface, click the edit icon (
).
The Edit Interface pop-up window appears.
Step 4
Click
Passive
to display the passive interface options.
Step 5
Optionally, from the
Security Zone
drop-down list, select an existing security zone or select
New
to add a
new security zone.
Step 6
Select the
Enabled
check box to allow the passive interface to monitor traffic.
If you clear the check box, the interface becomes disabled so that users cannot access it for security
purposes.
purposes.
Step 7
From the
Mode
drop-down list, select an option to designate the link mode or select
Autonegotiation
to
specify that the interface is configured to automatically negotiate speed and duplex settings. Note that
mode settings are available only for copper interfaces.
mode settings are available only for copper interfaces.
Note
Interfaces on 8000 Series appliances do not support half-duplex options.
Step 8
From the
MDI/MDIX
drop-down list, select an option to designate whether the interface is configured for
MDI (medium dependent interface), MDIX (medium dependent interface crossover), or Auto-MDIX.
Note that MDI/MDIX settings are available only for copper interfaces.
Note that MDI/MDIX settings are available only for copper interfaces.
By default, MDI/MDIX is set to
Auto-MDIX
, which automatically handles switching between MDI and
MDIX to attain link.
Step 9
In the
MTU
field, type a maximum transmission unit (MTU), which designates the largest size packet
allowed.
The range within which you can set the MTU can vary depending on the FireSIGHT System device
model and interface type. See
model and interface type. See
for more information.
Step 10
Click
Save
.
The passive interface is configured. Note that your changes do not take effect until you apply the device
configuration; see
configuration; see
for more information.