Create IPv4 Subnet Pools for Secure Firewall Cloud Native Cluster

Procedure


Step 1

In the navigation pane, click Inventory.

Step 2

Click the Devices tab.

Step 3

Click the SFCN tab and select a Secure Firewall Cloud Native cluster to create IPv4 subnet pools.

Step 4

In the Management pane on the right, click IPv4 Subnet Pools.

Step 5

Click Create Subnet Pool and define the IPv4 subnet pool attributes:

  • Name: Specify a unique name for the subnet pool.

  • Address: Specify a network address. This is the network portion of the range of IPv4 addresses that can be assigned to the remote access VPN users.

  • Supernet Prefix: Specify the size of the large or super network within which all subnets are allocated. The value entered must be smaller than the subnet prefix value.

  • Subnet Prefix: Specify the size of each subnet allocated within the super network. The value entered must be larger than the supernet prefix value.

  • Range Start: Specify the first IP octet to be used when assigning IP addresses to the remote access VPN users. This is an optional field.

  • Number Address: Specify the number of addresses in each subnet. This value cannot exceed the total size of the subnet. This is an optional field.

Step 6

Click Save.


Example

The following example helps you to understand the IPv4 subnet pool attributes:

  • IP Address: 192.168.0.0

  • Supernet Prefix: 16

  • Subnet Prefix: 24

  • Range Start: 50

  • Num Address: 10

The binary equivalent of the IP address is: 11000000.10101000.00000000.00000000

The supernet prefix value 16 (11111111.11111111) keeps the first and second octets of the IP address constant. Therefore, the super network ranges over 192.168.0, 192.168.1, ..., 192.168.255. With this supernet value, the Secure Firewall Cloud Native cluster can assign IP addresses to 256 subnets.

The subnet prefix value 24 (11111111.11111111.11111111.00000000) leaves the fourth octet of the IP address as the host address in each subnet, ranging from 0 to 255.

              Global
              Start            End
supernet      192.168.0.0      192.168.255.255
subnet 1      192.168.0.0      192.168.0.255
subnet 2      192.168.1.0      192.168.1.255
subnet 3      192.168.2.0      192.168.2.255
subnet 256    192.168.255.0    192.168.255.255

In each subnet, the Range Start value 50 defines the start address, which is 192.168.x.50. The Num Address value 10 takes ten IP addresses from the range start, which means the IP addresses range from 192.168.x.50 to 192.168.x.60.

              Global                              With Range Start and Num Address
              Start            End                Start             End
supernet      192.168.0.0      192.168.255.255
subnet 1      192.168.0.0      192.168.0.255      192.168.0.50      192.168.0.60
subnet 2      192.168.1.0      192.168.1.255      192.168.2.50      192.168.2.60
subnet 3      192.168.2.0      192.168.2.255      192.168.3.50      192.168.3.60
subnet 256    192.168.255.0    192.168.255.255    192.168.255.50    192.168.255.60
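
To check a pool definition before entering it in Step 5, the following Python sketch expands the attributes into per-subnet ranges and rejects values that break the prefix and size rules above. It is an added example, not Cisco code: the function name plan_pool is hypothetical, and treating Range Start as an offset inside each subnet and requiring the range to stay inside the subnet are assumptions.

```python
import ipaddress

def plan_pool(address, supernet_prefix, subnet_prefix,
              range_start=None, num_addresses=None):
    """Return [(subnet, first, last), ...] for every subnet in the pool."""
    if not 0 <= supernet_prefix < subnet_prefix <= 32:
        raise ValueError("supernet prefix must be smaller than subnet prefix")
    # strict=True rejects an Address that has bits set below the supernet prefix.
    supernet = ipaddress.IPv4Network(f"{address}/{supernet_prefix}", strict=True)
    size = 2 ** (32 - subnet_prefix)  # addresses per subnet
    offset = 0 if range_start is None else range_start
    if num_addresses is not None and num_addresses > size:
        raise ValueError("number of addresses exceeds the subnet size")
    # Following the page's table, the range ends at Range Start + Num Address
    # (.50 to .60 for 50 and 10). Assumption: it must stay inside the subnet.
    last_offset = size - 1 if num_addresses is None else offset + num_addresses
    if not 0 <= offset <= last_offset <= size - 1:
        raise ValueError("range start / number of addresses fall outside the subnet")
    plan = []
    for subnet in supernet.subnets(new_prefix=subnet_prefix):
        base = subnet.network_address
        plan.append((subnet, base + offset, base + last_offset))
    return plan

if __name__ == "__main__":
    # Values from the example on this page.
    pool = plan_pool("192.168.0.0", 16, 24, range_start=50, num_addresses=10)
    print(len(pool), "subnets")
    for subnet, first, last in (pool[0], pool[-1]):
        print(subnet, first, last)
```

Without Range Start and Num Address the function returns each subnet's full Start and End, as in the first table.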