To understand the Panda GateDefender eSeries network architecture, take a moment to get familiar with the colour-coded network zones available in the platform and how they are intended to be used.
Steps to configure network interfaces for the first time
- Choose Red(WAN) Interface Type
Choose the connection type of your primary WAN interface. In most cases the proper selection is either Ethernet Static or DHCP, unless you require one of the other specific connection types. Click the Forward button to continue.
Note: If you require a configuration where you will not need a Red (WAN) interface, you can select Gateway as the connection type and this will allow you to deploy the appliance in a semi-transparent configuration. This option will allow you to deploy the appliance into a network using the Green (LAN) interface as your primary network connection and using an existing gateway that lives within the Green network.
- Add Network Zones
The next option will allow you to select any additional network zones you wish to have configured on your appliance. The available options will depend on the total number of available Ethernet NICs on the eSeries device. Your options could include adding the Blue zone (Wi-Fi) or Orange zone (DMZ) or both. Click the Forward button to continue.
- Configure Network Zones
The next step involves configuring the actual IP address you want to assign to the device for each existing network zone. The default Green IP is provided for you but you can use any IP address and subnet you wish. You are also allowed to add additional networks that may co-exist within each single network zone. An example of where this might be used is if you host multiple internal subnets that all need to exist within the same network segment (within one zone).
The next item is a graphical representation of the available physical network interfaces and which zone they are mapped to. You may check or uncheck one or more network interfaces to belong to a network zone (at least one is required) and you may have more than one physical interface per zone; however, you cannot have one physical interface belong to more than one zone. A network zone with multiple network interfaces will act as a bridge and mimic the behavior of a switch, though using an actual physical switch is recommended where performance and efficiency are desired. Next to each network interface port is (1) the link status, which indicates if there is a device actually connected to the port, (2) the NIC device driver description, (3) the network MAC address, and (4) the operating system physical device name.
The last two items are the host and domain name you want assigned to the device itself. Click Forward to continue.
Note: It is suggested to follow the standards described in RFC 1918 and use only IP addresses contained in the networks reserved for private use by the Internet Assigned Numbers Authority (IANA):
- 10.0.0.0 - 10.255.255.255 (10.0.0.0/8), 16,777,216 addresses
- 172.16.0.0 - 172.31.255.255 (172.16.0.0/12), 1,048,576 addresses
- 192.168.0.0 - 192.168.255.255 (192.168.0.0/16), 65,536 addresses
The first and the last IP address of a network segment are the network address and the broadcast address respectively and must not be assigned to any device.
- Configure Red (WAN) Interface
Now you can configure the Red (WAN) interface according to your ISP connection type (as selected during Step 1). The configuration is identical to the previous step where you must configure the IP, subnet, and gateway (if necessary), select the appropriate physical interface to use for the Red (WAN) connection, and fill in any other ISP connection specific fields.
If you have multiple public IP addresses assigned, you may enter each IP in the Add additional addresses field (1). You should list each individual IP in either IP/Netmask or IP/CIDR format with one entry per line (Example: 188.8.131.52/24, 184.108.40.206/24, ...).
The MTU option lets you manually enter a custom value for the interface MTU size; this is not recommended unless instructed by your ISP. The option to Spoof MAC address with is only useful for situations where your ISP modem has a sticky connection and requires that your Internet MAC address always stay the same. This option allows you to configure the appliance to forge its Red interface MAC address, so you do not lose your ISP connection. Click Forward to continue.
- Configure DNS
This option is only required if you are not using some form of DHCP for your Red (WAN) connection. You should fill in your ISP-provided or preferred public DNS servers in these fields. Click Forward to continue.
- Setup Email Information (Optional)
Provide the administrator email account (recipient) along with the appliance (sender) address you want emails from the appliance firewall to use. Also you may specify the address of an email smarthost, should you require one. Click Forward to continue.
- Apply Configuration
The last step is to apply the configuration to the device. Keep in mind that changes may take up to 20 seconds to be fully applied to the device and for dependent services to be restarted, so this may impact the ability of internal devices to access the device or pass traffic through it. You must access the graphical user interface (GUI) of the eSeries device using the new IP settings, either manually or using the link provided in the GUI.
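Because applying a wrong plan can cut off access to the appliance, the rules stated in the steps above (at least one interface per zone, no interface in two zones, RFC 1918 addressing for internal zones, no network or broadcast address on the device) can be checked beforehand. The following is an added example, not part of the original guide or of the appliance's software; the plan structure, the function name `check_plan`, and the interface names and addresses are assumptions constructed for illustration.

```python
import ipaddress

# Private ranges from the RFC 1918 note above.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
INTERNAL_ZONES = {"GREEN", "BLUE", "ORANGE"}  # RED (WAN) is usually public

def check_plan(zones):
    """Return a list of problems in a hypothetical zone plan.

    zones maps zone name -> {"addresses": [...], "interfaces": [...]}.
    Addresses use IP/Netmask or IP/CIDR notation (IPv4 only).
    """
    problems, owner = [], {}  # owner: interface -> zone that claimed it first
    for zone, cfg in zones.items():
        if not cfg["interfaces"]:
            problems.append(f"{zone}: no interface assigned")
        for nic in cfg["interfaces"]:
            if nic in owner:
                problems.append(f"{nic}: in both {owner[nic]} and {zone}")
            owner.setdefault(nic, zone)
        for entry in cfg["addresses"]:
            try:
                iface = ipaddress.IPv4Interface(entry)
            except ValueError:
                problems.append(f"{zone}: {entry!r} is not IP/Netmask or IP/CIDR")
                continue
            net = iface.network
            if zone in INTERNAL_ZONES and not any(net.subnet_of(r) for r in RFC1918):
                problems.append(f"{zone}: {entry} is outside RFC 1918 space")
            # /31 and /32 have no separate network/broadcast address to avoid.
            if net.prefixlen < 31 and iface.ip in (net.network_address,
                                                   net.broadcast_address):
                problems.append(f"{zone}: {entry} is a network or broadcast address")
    return problems

# Constructed sample plan; interface names and addresses are illustrative only.
PLAN = {
    "GREEN":  {"addresses": ["192.168.10.1/24", "10.1.0.1/255.255.0.0"],
               "interfaces": ["eth0", "eth1"]},
    "ORANGE": {"addresses": ["172.32.0.1/16"], "interfaces": ["eth1"]},
    "BLUE":   {"addresses": ["192.168.20.255/24"], "interfaces": []},
}

if __name__ == "__main__":
    for problem in check_plan(PLAN):
        print(problem)
```

An empty list means the plan satisfies all four rules; the sample plan deliberately violates each of them once.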