Netskope Help

Configure the Interfaces

An appliance has three interfaces - dp1, dp2 (the default appliance interface), and mp. The dp1 and dp2 interfaces receive and forward traffic whereas the mp interface provides management access. When the three interfaces are configured, they connect to the three network interfaces - eth0, eth1, and eth2. Interface dp2 connects to the default network interface eth0, dp1 connects to eth1, and mp connects to eth2. 

An OPLP or DPoP appliance will only require a single interface to connect to the Netskope cloud whereas, a Secure Forwarder appliance can require up to three interfaces based on your network.

Appliance interfaces can be configured in the following two modes:

  • DHCP - When enabled, the interface is configured to use DHCP.

    Note

    DHCP is enabled by default on the dp2 interface.

  • Static IPs - This mode enables you to configure a static IP on the interface.

When configuring an interface, choose a subnet that can reach the tenant instance in the Netskope cloud.

Configure the Interface using DHCP

The default interface, dp2 is configured to use DHCP and does not require configuration. DHCP is only enabled on the dp2 interface.

If you want to configure the dp2 interface with a static IP, you must disable DHCP, enable static IP, and then set the static IP, gateway, and netmask. For information on configuring static IPs, see Configure the Interface with a static IP.

To enable DHCP on the other interfaces, run:

set interface dp2 dhcp enable false
set interface dp1 dhcp enable true
save

or,

set interface dp2 dhcp enable false
set interface mp dhcp enable true
save

Note

Netskope recommends using DHCP only on the dp2 interface. If you want to configure more than one interface on the appliance, then the dp1 and mp interfaces must be configured to use static IPs.

Configure the Interface with a static IP

If you don't want to use the default DHCP configuration on the dp2 interface, you can configure the interface with a static IP address. If DHCP is enabled on the interface, you can find the IP, gateway, and netmask assigned to the interface using the run show route interface command.

With DHCP enabled on dp2, run the following command to get the IP, gateway, and netmask. In CLI's operation mode, run:

run show route interface dp2

Make a note of the IP, gateway, and netmask. For example, dp2 (eth0): ip - 172.31.1.41, gw - 172.31.0.1, netmask - 255.255.240.0

Note

Before you configure the static IP, ensure that DHCP is disabled on the interface.

To configure static IPs on the interface, you will require the IP, gateway, and netmask. In configuration mode, run the following commands,

set interface dp2 dhcp enable false

set interface dp2 static enable true
set interface dp2 static ip 172.31.1.41
set interface dp2 static gw 172.31.0.1
set interface dp2 static netmask 255.255.240.0
set dns primary 1.1.1.1
set dns secondary 8.8.8.8
save

You can use the show command in configuration mode to verify your configuration.

Caution

After setting the dp2 interface, the error aufs au_opts_parse:1155:docker[2010 ] unknown option occurs in releases prior to 46. This error is not an issue and can be ignored.