Modify the Firewall Threat Defense Data Interface Used for Management in the GUI

If the management connection is up, but you want to change the IP address of the data interface used for manager access, follow these steps. For example, if you register a device using zero-touch provisioning, then you need to change the IP address to a static address before you can enable high availability.

You can alternatively change interface settings at the CLI, but we recommend only using that method if the management connection is down. Any changes you make at the CLI will have to be replicated in the GUI anyway.

Procedure

Step 1

Choose Devices > Device Management, and click Edit (edit icon) next to the device.

Step 2

Choose Interfaces.

Step 3

If you want to change the interface used for manager access:

  1. Remove the IP address and name from the old data management interface and disable manager access for this interface.

  2. Configure the new data management interface with the new settings and enable manager access for it.

  3. If you use a static IP address, you are reminded to make sure you have a default route. Click Yes.

  4. Click OK to exit the interface.

  5. Click Save on the Interfaces page.

Step 4

If you only want to change the IP address:

  1. Change the IP address.

  2. For a static IP address, you are reminded to make sure you have a default route. Click Yes.

  3. Click OK to exit the interface.

  4. Click Save on the Interfaces page.

Step 5

Choose Routing > Static Route and add or change the default or static route for the manager access interface.

Step 6

Deploy configuration changes.

The Firewall Management Center will deploy the configuration changes over the current connection. After the deployment, the data interface will have a new IP address, so the management connection will need to be reestablished.

Step 7

Update the Hostname or IP Address in the Firewall Management Center.

Step 8

Ensure the management connection is reestablished.

In the Device > Management area, click Manager Access Details: Configuration and then click Connection Status.

The following status shows a successful connection for a data interface, showing the internal "tap_nlp" interface.

Connection Status
Connection Status

If it takes more than 10 minutes to reestablish the connection, you should troubleshoot the connection. See Troubleshoot Management Connectivity on a Data Interface.