Skip to main content

Netskope Help

Configure Additional Interfaces with a Static IP

You only require additional interfaces if you are configuring the appliance as a Secure Forwarder.

If you want to configure the dp1 and mp interfaces, you must get the IP, gateway, and netmask of the two interfaces. Use one of the following two methods to get the IP, gateway, and netmask of dp1 and mp interfaces.

Using the CLI
  1. You must enable DHCP on the two interfaces. In CLI's configuration mode, run:

    set interface dp1 dhcp enable true
    save
    exit

    or,

    set interface mp dhcp enable true
    save
    exit
  2. Make a note of the IP, gateway, and netmask. In CLI's operation mode, run:

    run show route interface dp1

    or,

    run show route interface mp

    For example, 

    dp1 (eth1): ip - 172.31.10.237, gw - 172.31.0.1, netmask - 255.255.240.0

    mp (eth2): ip - 172.31.3.125, gw - 172.31.0.1, netmask - 255.255.240.0

  3. Disable DHCP on the interface. In CLI's configuration mode, run:

    set interface dp1 dhcp enable false
    

    or,

    set interface mp dhcp enable false
Using AWS
  1. In the EC2 Management Console on AWS, navigate to Instances and select the VA AMI instance. 

  2. In the instance description below, click on eth1 and eth2 network interfaces. Make a note of the Private IP Address of the two interfaces.

    For example, eth1: Private IP Address  172.31.10.237 and eth2: Private IP Address  172.31.3.125

  3. Under AWS Services, navigate to Networking & Content Delivery and click VPC.

  4. In the left navigation pane of the VPC Dashboard, click Subnets

  5. Select your subnet. From the Summary below, note the IPv4 CIDR. The gateway address is the first valid IP address in this range.

    For example, IPv4 CIDR: 172.31.0.0/20, gw - 172.31.0.1

  6. In the Route Table tab of the subnet, note the destination IPv4 CIDR. Calculate the netmask.

    For example, Destination  172.31.0.0/16, calculated netmask - 255.255.240.0

Configure the Interfaces

Using the IP, gateway, and netmask information for dp1 and mp interfaces, in configuration mode run the following commands,

set interface dp1 dhcp enable false

set interface dp1 static ip enable true
set interface dp1 static ip 172.31.10.237
set interface dp1 static gw 172.31.0.1
set interface dp1 static netmask 255.255.240.0

set interface mp dhcp enable false

set interface mp static ip enable true
set interface mp static ip 172.31.3.125
set interface mp static gw 172.31.0.1
set interface mp static netmask 255.255.240.0

save
Dataplane_IP_for_AWS_Instance.png

You can use the show command in configuration mode to verify your configuration.