The vm-interface is used by malware running on the WildFire appliance virtual machine sandbox to access the Internet. Activating this port is recommended and will help WildFire better identify malicious activity if the malware accesses the Internet for phone-home or other activity. It is important that this interface has an isolated connection to the Internet. If your WildFire appliance is operating in FIPS/CC mode, the vm-interface is disabled. For more information, see Set Up the WildFire Appliance VM Interface.

After configuring the vm-interface, enable it by running the following command:

set
deviceconfig setting wildfire vm-network-enable yes

+ default-gateway — Default gateway for the VM interface.

+ dns-server — dns server for the VM interface.

+ ip-address — IP address for VM interface.

+ link-state — Set the link state to up or down.

+ mtu — Maximum Transmission Unit for the VM interface.

+ netmask — IP netmask for the VM interface.

+ speed-duplex — Speed and duplex for the VM interface.

The following shows a configured vm-interface.

vm-interface { 
ip-address 10.16.0.20; 
netmask 255.255.252.0; 
default-gateway 10.16.0.1; 
dns-server 10.0.0.246; 
} 

superuser, deviceadmin