1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. FVS318N
    5. /
  5. 17
Page 81 / 414 Scroll up to view Page 76 - 80
LAN Configuration
81
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
To delete one or more advertisement prefixes:
1.
On the RADVD screen for the LAN (see
Figure 39
on page 78), select the check box to
the left of each advertisement prefix that you want to delete, or click the
Select All
table
button to select all advertisement prefixes.
2.
Click the
Delete
table button.
Configure IPv6 Multihome LAN IP Addresses on the
Default VLAN
If you have computers using different IPv6 networks in the LAN, (for example, FEC0::2 or
FEC0::1000:10), you can add aliases to the LAN ports and give computers on those
networks access to the Internet, but you can do so only for the default VLAN. The IP address
that is assigned as a secondary IP address needs to be unique and cannot be assigned to a
VLAN.
Make sure that any secondary LAN addresses are different from the primary LAN, WAN, and
DMZ IP addresses and subnet addresses that are already configured on the wireless VPN
firewall. The following is an example of correctly configured IPv6 addresses:
WAN IP address. 2000::e246:9aff:fe1d:1a9c with a prefix length of 64
DMZ IP address. 176::e246:9aff:fe1d:a1bc with a prefix length of 64
Primary LAN IP address. FEC0::1 with a prefix length of 10
Secondary LAN IP address. 2001:db8:3000::2192 with a prefix length of 10.
To add a secondary LAN IPv6 address:
1.
Select
Network Configuration > LAN Setup > LAN Multi-homing
.
2.
In the upper right of the screen, select the
IPv6
radio button. The LAN Multi-homing screen
displays the IPv6 settings. (The following figure contains one example.)
Figure 41.
The Available Secondary LAN IPs table displays the secondary LAN IP addresses added
to the wireless VPN firewall.
Page 82 / 414
LAN Configuration
82
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
3.
In the Add Secondary LAN IP Address section of the screen, enter the following settings:
IPv6 Address
. Enter the secondary address that you want to assign to the LAN ports.
Prefix Length
. Enter the prefix length for the secondary IP address.
4.
Click the
Add
table button in the rightmost column to add the secondary IP address to the
Available Secondary LAN IPs table.
Repeat
Step 2
and
Step 3
for each secondary IP address that you want to add to the
Available Secondary LAN IPs table.
Note:
Secondary IP addresses cannot be configured in the DHCP server.
The hosts on the secondary subnets need to be manually configured
with the IP addresses, gateway IP address, and DNS server IP
addresses.
To edit a secondary LAN IP address:
1.
On the LAN Multi-homing screen for IPv6 (see the previous figure), click the
Edit
button
in the Action column for the secondary IP address that you want to modify. The Edit LAN
Multi-homing screen displays.
2.
Modify the IP address or prefix length, or both.
3.
Click
Apply
to save your settings.
To delete one or more secondary LAN IP addresses:
1.
On the LAN Multi-homing screen for IPv6 (see the previous figure), select the check box
to the left of each secondary IP address that you want to delete, or click the
Select All
table button to select secondary IP addresses.
2.
Click the
Delete
table button.
Enable and Configure the DMZ Port for IPv4 and IPv6
Traffic
The demilitarized zone (DMZ) is a network that, by default, has fewer firewall restrictions than
the LAN. The DMZ can be used to host servers (such as a web server, FTP server, or email
server) and provide public access to them. The rightmost LAN port on the wireless VPN
firewall can be dedicated as a hardware DMZ port to safely provide services to the Internet
without compromising security on your LAN.
By default, the DMZ port and both inbound and outbound DMZ traffic are disabled. Enabling
the DMZ port and allowing traffic to and from the DMZ increases the traffic through the WAN
ports.
Page 83 / 414
LAN Configuration
83
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Using a DMZ port is also helpful with online games and videoconferencing applications that
are incompatible with NAT. The wireless VPN firewall is programmed to recognize some of
these applications and to work correctly with them, but there are other applications that might
not function well. In some cases, local computers can run the application correctly if those
computers are used on the DMZ port.
Note:
A separate firewall security profile is provided for the DMZ port that
is also physically independent of the standard firewall security
component that is used for the LAN.
Note:
For information about how to define the DMZ WAN rules and LAN
DMZ rules, see
Configure DMZ WAN Rules
on page 142 and
Configure LAN DMZ Rules
on page 150, respectively.
Note:
When you enable the DMZ port for IPv4 traffic, IPv6 traffic, or both,
the DMZ LED next to LAN port 8 (see
Front Panel
on page 15) lights
green to indicate that the DMZ port is enabled.
DMZ Port for IPv4 Traffic
The DMZ Setup (IPv4) screen lets you set up the DMZ port for IPv4 traffic. You can enable or
disable the hardware DMZ port (LAN port 8; see
Front Panel
on page 15) and configure an
IPv4 address and subnet mask for the DMZ port.
To enable and configure the DMZ port for IPv4 traffic:
1.
Select
Network Configuration > DMZ Setup
.
In the upper right of the screen, the IPv4
radio button is selected by default. The DMZ Setup screen displays the IPv4 settings:
Page 84 / 414
LAN Configuration
84
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Figure 42.
2.
Enter the settings as explained in the following table:
Table 17.
DMZ Setup screen settings for IPv4
Setting
Description
DMZ Port Setup
Do you want to
enable DMZ Port?
Select one of the following radio buttons:
Yes
. Enables you to configure the DMZ port settings. Fill in the IP Address and
Subnet Mask fields.
No
. Allows you to disable the DMZ port after you have configured it.
IP Address
Enter the IP address of the DMZ port. Make sure that the DMZ
port IP address and LAN port IP address are in different
subnets (for example, an address outside the LAN DHCP
address pool, such as 192.168.1.101 when the LAN DHCP
pool is 192.168.1.2–192.168.1.100). The default IP address for
the DMZ port 176.16.2.1.
Page 85 / 414
LAN Configuration
85
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Do you want to
enable DMZ Port?
(continued)
Subnet Mask
Enter the IP subnet mask of the DMZ port. The subnet mask
specifies the network number portion of an IP address. The
subnet mask for the DMZ port is 255.255.255.0.
DHCP for DMZ Connected Computers
Disable DHCP Server
If another device on your network is the DHCP server for the VLAN, or if you will
manually configure the network settings of all of your computers, select the
Disable
DHCP Server
radio button to disable the DHCP server. This is the default setting.
Enable DHCP Server
Select the
Enable DHCP Server
radio button to enable the wireless VPN firewall to
function as a Dynamic Host Configuration Protocol (DHCP) server, providing
TCP/IP configuration for all computers connected to the VLAN. Enter the following
settings:
Domain Name
This setting is optional. Enter the domain name of the wireless
VPN firewall.
Start IP Address
Enter the start IP address. This address specifies the first of
the contiguous addresses in the IP address pool. Any new
DHCP client joining the LAN is assigned an IP address
between this address and the end IP address. The default IP
address 176.16.2.100.
End IP Address
Enter the end IP address. This address specifies the last of the
contiguous addresses in the IP address pool. Any new DHCP
client joining the LAN is assigned an IP address between the
start IP address and this IP address. The default IP address
176.16.2.254.
Note:
The start and end DHCP IP addresses should be in the
same network as the LAN TCP/IP address of the wireless VPN
firewall (that is, the IP address in the DMZ Port Setup section
as described earlier in this table).
Primary DNS
Server
This setting is optional. If an IP address is specified, the
wireless VPN firewall provides this address as the primary
DNS server IP address. If no address is specified, the wireless
VPN firewall provides its own LAN IP address as the primary
DNS server IP address.
Secondary DNS
Server
This setting is optional. If an IP address is specified, the
wireless VPN firewall provides this address as the secondary
DNS server IP address.
WINS Server
This setting is optional. Enter a WINS server IP address to
specify the Windows NetBIOS server, if one is present in your
network.
Lease Time
Enter a lease time. This specifies the duration for which IP
addresses are leased to clients.
Table 17.
DMZ Setup screen settings for IPv4 (continued)
Setting
Description

Rate

4.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top