Creating a New Virtual System

You use the Virtual Systems Wizard to create a new Virtual System. Modify the initial definition and configure advanced options after you complete the wizard.

To start the Virtual System wizard:

1. Open SmartDashboard.

   If you are using Multi-Domain Security Management, open SmartDashboard from the Domain Management Server in which you are creating the Virtual System.

2. Right-click the VSX Gateway and select VSX > Virtual System.

   The Virtual System Wizard opens.

Included Topics Defining General Properties Defining Network Configuration Completing the Definition

Defining General Properties

The General Properties wizard page defines the Virtual System object and the hosting VSX Gateway.

These are the parameters in this page:

• Name: Unique, alphanumeric for the Virtual System. The name cannot contain spaces or special characters except the underscore.
• VSX Cluster / Gateway: Select the VSX Gateway that is hosting the Virtual System.
• Bridge Mode: Select this option to create a Virtual System in the Bridge Mode.
• Override Creation Template: Select this option to override the creation template that was used for the initial configuration of the VSX Gateway.

Defining Network Configuration

The Virtual System Network Configuration page allows you to define internal and external interfaces as well as the IP address topology located behind the internal interface. The process for Virtual System defining network properties varies according to the several factors:

• The VSX Gateway Creation template is used to define the VSX Gateway that contains the Virtual System.
• Whether or not you choose to override the default VSX Gateway Creation template. This has the effect of using the Custom Configuration template.
• Whether or not you create the Virtual System in the Bridge Mode.

Note - Bridge mode is not available for a Virtual System created with the Shared Interface template.

Shared Interface or Separate Interfaces

The Virtual System Network Configuration page for the Shared Interface and Separate Interfaces templates appears as shown.

To configure the external and internal interfaces:

1. Select the desired interfaces from the appropriate list.
2. If the selected Interface is a VLAN interface, enter the VLAN tag in the appropriate field. This field is not available for non-VLAN interfaces.
3. Enter the IP address and net mask in the appropriate fields. Optionally, enter a default gateway for the external interface.
4. Complete the definition process.

Separate Interfaces in Bridge Mode

The Virtual System Network Configuration page for the Separate Interfaces template in the Bridge Mode opens.

To configure the external and internal interfaces:

1. Select the desired interfaces for the internal and external networks from the appropriate list.

   If the selected Interface is a VLAN interface, enter the same VLAN tag in both the external and internal VLAN Tag fields. This field is not available for non-VLAN interfaces.

2. Define the topology for the internal interface:
   • Select Not Defined if you do not wish to define an IP address.
   • Select Specific and then select an IP address definition from the list. IP address definitions can be based on object groups or predefined networks that define the topology.
3. To create a new IP address definition:
   1. Select Specific, and click New.
   2. Select Group to define an object group, or Network to define network properties.
4. Enable Layer-3 bridge interface monitoring to enable layer 3 network fault detection for this Virtual System.

   Enter an IP address and subnet mask, which continuously monitors the specified network for faults or connectivity issues. The IP address/subnet define the network on which the Virtual System resides.

5. Complete the definition process.

Custom Configuration or Override - Non-Bridge Mode

If you used the Custom Configuration template when creating the VSX Gateway, or if you selected Override Creation Template, manually define the network interfaces and connections. The Virtual System Network Configuration page for Custom Configuration opens.

To configure the external and internal interfaces:

1. In the interface table, define the applicable interfaces.

   You can add new interfaces and delete and change existing interfaces.

   To add an interface, click Add. The Interface Properties window opens. Select an interface from the list and define its properties.

2. Select the Main IP Address from the list.

   This IP address is usually assigned to the external interface and specifies the Virtual System address used with NAT or VPN connections.

   To make an external IP address routable, select the external interface IP address as the main IP address.

3. Define network routing for your deployment.

   Some routes are automatically defined by the interface definitions. For example, you define a default gateway route leading to an external Virtual Router or to the Virtual System external interface.

   To manually add a default route to the Routes table, click Add Default Routes. Enter the default route IP address, or select the default Virtual Router. The Route Configuration window opens.

4. Complete the definition.

Custom or Override in Bridge Mode

You must manually define network interfaces, if:

• You used the Custom Configuration template when you created the VSX Gateway
• You selected Override Creation Template and this is a Virtual System in bridge mode

In the Virtual System wizard > Virtual System Network Configuration, add the external and internal interfaces and links to devices.

If the Virtual System is on IPSO, select Enable Layer-3 Bridge Interface Monitoring. Define the IP address and net mask. Make sure the IP address to be monitored is on a different subnet than the subnet that handles bridge traffic.

Completing the Definition

Click Next and then Finish to create the Virtual System. Please note that this may take several minutes to complete. A message appears indicating successful or unsuccessful completion of the process.

If the process ends unsuccessfully, click View Report to view the error messages. Refer to the troubleshooting chapter for further assistance.

Once you create a Virtual System using the Virtual System Wizard, you can modify the topology and all other parameters using the Virtual System Properties window.