Configure the VNI Interface

Add a VNI interface, associate it with the VTEP source interface, and configure basic interface parameters.

For the threat defense virtual in Azure, you can configure either a regular VXLAN interface, or you can configure a paired proxy mode VXLAN interface for use with the Azure GWLB. Paired proxy mode is the only supported mode with clustering.

Procedure


Step 1

Choose Devices > Device Management.

Step 2

Click Edit (edit icon) next to the device on which you want to configure VXLAN.

Step 3

Click Interfaces.

Step 4

Click Add Interfaces, and then choose VNI Interface.

Step 5

Enter the interface Name and Description.

Step 6

From the Security Zone drop-down list, choose a security zone or add a new one by clicking New.

Step 7

Enter a value for the Priority field within the specified range. By default, 0 is selected.

Step 8

Enter a value for the VNI ID between 1 and 10000.

This ID is only an internal interface identifier.

Step 9

(Paired Proxy VXLAN for Azure GWLB) Enable proxy paired mode and set the required parameters.

  1. Check Proxy Paired.

  2. Set the Internal Port between 1024 and 65535.

  3. Set the Internal Segment ID between 1 and 16777215.

  4. Set the External Port between 1024 and 65535.

  5. Set the External Segment ID between 1 and 16777215.

Step 10

(Regular VXLAN) Enter a value for the VNI Segment ID between 1 and 16777215.

The segment ID is used for VXLAN tagging.

Step 11

Enter the Multicast Group IP Address.

If you do not set the multicast group for the VNI interface, the default group from the VTEP source interface configuration is used, if available. If you manually set a VTEP peer IP for the VTEP source interface, you cannot specify a multicast group for the VNI interface.

Step 12

Check NVE Mapped to VTEP Interface.

This option associates this interface with the VTEP source interface.

Step 13

Click OK.

Step 14

Click Save to save the interface configuration.

Step 15

Configure the routed or transparent interface parameters. See Configure Routed and Transparent Mode Interfaces.