Modify the default network configuration

You can use the Web Administration Interface to modify the default network card configuration on an appliance to a more typical configuration.

The following example shows how to reconfigure the configuration to have each of three network interfaces residing on a different network. These networks correspond to:

  • An administration network (behind the inward facing firewall)
  • The inbound network (external traffic inbound to API Gateway)
  • The outbound network (traffic destined for the Intranet, outbound to API Gateway)

For the purposes of the example the following IP addresses are used:

Network CIDR IP address

Administration

192.168.0.10/24

Inbound

200.0.0.10/24

Outbound

10.0.0.10/24

Change the IP addresses to suit your particular network topology.

Configure the network interfaces in the WAI

To modify the network configuration, perform the following steps:

  1. Click Network Configuration in the WAI menu on the left.
  1. Click the Network Interfaces icon.
  2. Click the Activated at Boot tab.
  3. This shows the default configuration for the interfaces on the appliance.
  4. Click eth0 to configure it as the interface residing on the administration network.
  5. This displays the configuration page for that interface.
  1. Ensure that Activate at boot is set to Yes.
  2. Select Static configuration and enter the new IPv4 address and Netmask.
  3. Select Automatic for the Broadcast address.
  4. eth0 interface
  5. Click Save.
  6. This returns you to the Network Interfaces page. You can see the new IPv4 address and Netmask for eth0.
  7. Click eth1 to configure it as the interface residing on the inbound network.
  8. Ensure that Activate at boot is set to Yes.
  9. Select Static configuration, enter your inbound static IP address, and click Save.
  10. This returns you to the Network Interfaces page. You can see the new IPv4 address and Netmask for eth1.
  11. Click eth2 to configure it as the interface residing on the outbound network.
  12. Ensure that Activate at boot is set to Yes.
  13. Select Static configuration, enter your outbound static IP address, and click Save.
  14. This returns you to the Network Interfaces page. You can see the new IPv4 address and Netmask for eth2.
  15. To apply the changes select the check boxes next to the interfaces that you have changed and click the Apply Selected Interfaces button.
Note   If your administration IP address has changed you might have to log in again to the Web Administration Interface.
  1. Click the Active Now tab in the Network Interfaces page to show the new IP addresses.

Configure the inbound network interface in API Gateway

After configuring the IP address that API Gateway listens for requests on (the inbound interface), you can configure API Gateway to only bind to this particular address. This ensures that API Gateway only listens for requests arriving on that network interface. By default, API Gateway listens on all interfaces and addresses.

Perform the following steps in Policy Studio:

  1. In the navigation tree, select Environment Configuration > Listeners > API Gateway > Default Services > Ports.
  2. Select the Traffic HTTP Interface and click Edit to display the Configure HTTP Interface dialog.
  3. Configure API Gateway traffic port
  4. Enter the address of your inbound interface in the Address field (200.0.0.10).
  5. Click OK to save the changes.
  6. Click the Deploy button on the toolbar to deploy the configuration.

For more information, see the API Gateway Policy Developer Guide.

Network configuration scripts

The WAI provides an easy to use layer which manipulates the system network scripts. These scripts are located under /etc/sysconfig/network/ifcfg-eth<number>.

Advanced users who are familiar with the layout of these files can modify the network configuration directly by editing the system network scripts as the root user. Any changes made to these files are also reflected in the WAI.

Related Links