    Configure Interface's IP address using command line??


      Hi all,


      I configured an IP address on Mcafee NGFW using the command:

      ip addr flush eth3

      ip addr add dev eth3


      And the result:

      root@NGFW1:~# ip addr

      19: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

          link/ether 00:0c:29:83:01:de brd ff:ff:ff:ff:ff:ff

          inet brd scope global eth3

             valid_lft forever preferred_lft forever

      But when i went into SMC, still see old configuration. It seem that the SMC only store the local configuration (what we edit but not the real configuration on Firewall) and not refresh to see whether there're any change in the Firewall??

      So i decide to push the configuration again on SMC to see whether the IP address of eth3 will be change but it's still I guess that SMC checked that there're no change in the policy so it decided to not truely install this policy again.

      I have to reboot the firewall to make it work?

      It's really bad, because i love using command line.

      Does anybody know why? What's the concept of Mcafee?



        • 1. Re: Configure Interface's IP address using command line??



          After initial contact is done via sg-reconfigure wizard on command line, rest of the configuration is done via SMC. We don't have option to configure devices via command line. Since the NGFW is running on linux OS, majority of the normal linux commands are there, but e.g. ip address command is not meant to be used to making permanent configuration changes. In some cases you might use it to add IP to interface manually or use ip route to add temporary route e.g. to restore the management connection, but to permanently change network and any other NGFW configuration, you need to make changes in SMC and then install the policy via SMC.


          Best regards,


          • 2. Re: Configure Interface's IP address using command line??

            Hi thyvarin,


            Thank for your help. Really miss the command line . Hope that Mcafee will support command line in the future.