Configure a Passive Interface
This section describes how to:
-
Enable the interface. By default, interfaces are disabled.
-
Set the interface mode to Passive or ERSPAN. For ERSPAN interfaces, you will set the ERSPAN parameters and the IP address.
-
Change the MTU. By default, the MTU is set to 1500 bytes. For more information about the MTU, see About the MTU.
-
Set a specific speed and duplex (if available). By default, speed and duplex are set to Auto.
Note | For the Secure Firewall Threat Defense on the FXOS chassis, you configure basic interface settings on the Firepower 4100/9300. See Configure a Physical Interface for more information. |
Before you begin
-
If you are using EtherChannels, add them according to Configure an EtherChannel.
Procedure
Step 1 | Select and click Edit ( |
Step 2 | Click Edit ( |
Step 3 | In the Mode drop-down list, choose Passive or Erspan. |
Step 4 | Enable the interface by checking the Enabled check box. |
Step 5 | In the Name field, enter a name up to 48 characters in length. |
Step 6 | From the Security Zone drop-down list, choose a security zone or add a new one by clicking New. |
Step 7 | (Optional) Add a description in the Description field. The description can be up to 200 characters on a single line, without carriage returns. |
Step 8 | (Optional) On General, set the MTU between 64 and 9198 bytes; for the Secure Firewall Threat Defense Virtual and Secure Firewall Threat Defense on the FXOS chassis, the maximum is 9000 bytes. The default is 1500 bytes. |
Step 9 | For ERSPAN interfaces, set the following parameters:
|
Step 10 | For ERSPAN interfaces, set the IPv4 address and mask on IPv4. |
Step 11 | (Optional) Set the duplex and speed by clicking Hardware Configuration. The exact speed and duplex options depend on your hardware.
|
Step 12 | Click OK. |
Step 13 | Click Save. You can now go to and deploy the policy to assigned devices. The changes are not active until you deploy them. |
