NETGEAR FVS318N Router Manual PDF (Setup & Configuration Guide)

Page 86 / 414 Scroll up to view Page 81 - 85

LAN Configuration

86

ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

3.

Click

Apply

to save your settings.

DMZ Port for IPv6 Traffic

The DMZ Setup (IPv6) screen lets you set up the DMZ port for IPv6 traffic. You can enable or

disable the hardware DMZ port (LAN port 8; see

Front Panel

on page 15) for IPv6 traffic and

configure an IPv6 address and prefix length for the DMZ port.

The IPv6 clients in the DMZ can autoconfigure their own IPv6 address or obtain an IPv6

address through a DHCPv6 server.

DHCP Relay

To use the wireless VPN firewall as a DHCP relay agent for a DHCP server

somewhere else in your network, select the

DHCP Relay

radio button. Enter the

following setting:

Relay Gateway

The IP address of the DHCP server for which the wireless VPN

firewall serves as a relay.

Enable LDAP

information

To enable the DHCP server to provide Lightweight Directory Access Protocol

(LDAP) server information, select the

Enable LDAP information

check box. Enter

the following settings.

LDAP Server

The IP address or name of the LDAP server.

Search Base

The search objects that specify the location in the directory tree

from which the LDAP search begins. You can specify multiple

search objects, separated by commas. The search objects

include:

• CN (for common name)

• OU (for organizational unit)

• O (for organization)

• C (for country)

• DC (for domain)

For example, to search the Netgear.net domain for all last

names of Johnson, you would enter:

cn=Johnson,dc=Netgear,dc=net

Port

The port number for the LDAP server. The default setting is 0

(zero).

DNS Proxy

Enable DNS Proxy

This setting is optional. To enable the wireless VPN firewall to provide a LAN IP

address for DNS address name resolution, select the

Enable DNS Proxy

check

box. This check box is selected by default.

Note:

When the DNS Proxy option is disabled, all DHCP clients receive the DNS

IP addresses of the ISP but without the DNS proxy IP address.

Table 17.

DMZ Setup screen settings for IPv4 (continued)

Setting

Description

Page 87 / 414

LAN Configuration

87

ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

For the DMZ, there are two DHCPv6 server options:

•

Stateless DHCPv6 server

. The IPv6 clients in the DMZ generate their own IP address by

using a combination of locally available information and router advertisements, but

receive DNS server information from the DHCPv6 server. For stateless DHCPv6, you

need to configure the RADVD and advertisement prefixes (see

Configure the IPv6 Router

Advertisement Daemon and Advertisement Prefixes for the DMZ

on page 90).

•

Stateful DHCPv6 server

. The IPv6 clients in the DMZ obtain an interface IP address,

configuration information such as DNS server information, and other parameters from the

DHCPv6 server. The IP address is a dynamic address. For stateful DHCPv6, you need to

configure IPv6 address pools (see

IPv6 DMZ Address Pools

on page 89).



To enable and configure the DMZ port for IPv6 traffic:

1.

Select

Network Configuration > DMZ Setup

.

2.

In the upper right of the screen, select the

IPv6

radio button. The DMZ Setup screen

displays the IPv6 settings:

Figure 43.

Page 88 / 414

LAN Configuration

88

ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

3.

Enter the settings as explained in the following table:

Table 18.

DMZ Setup screen settings for IPv6

Setting

Description

DMZ Port Setup

Do you want to

enable DMZ Port?

Select one of the following radio buttons:

•

Yes

. Enables you to configure the DMZ port settings. Fill in the IP Address and

Subnet Mask fields.

•

No

. Allows you to disable the DMZ port after you have configured it.

IPv6 Address

Enter the IP address of the DMZ port. Make sure that the DMZ

port IP address, LAN port IP address, and WAN port IP

address are in different subnets. The default IP address for the

DMZ port is 176::1.

Prefix Length

Enter the IPv6 prefix length, for example, 10 or 64. The default

prefix length for the DMZ port is 64.

DHCPv6 for DMZ Connected Computers

DHCP Status

Specify the status of the DHCPv6 server:

•

Disable DHCPv6 Server

. This is the default setting, and the DHCPv6 fields are

masked out.

•

Enable the DHCPv6 Server

. If you enable the server, you need to complete the

DHCPv6 fields.

DHCP Mode

Select one of the DHCPv6 modes from the drop-down list:

•

Stateless

. The IPv6 clients generate their own IP address by

using a combination of locally available information and

router advertisements, but receive DNS server information

from the DHCPv6 server. For stateless DHCPv6, you need to

configure the RADVD and advertisement prefixes (see

Configure the IPv6 Router Advertisement Daemon and

Advertisement Prefixes for the DMZ

on page 90).

•

Stateful

. The IPv6 clients obtain an interface IP address,

configuration information such as DNS server information,

and other parameters from the DHCPv6 server. The IP

address is a dynamic address. (see

IPv6 DMZ Address

Pools

on page 89).

Domain Name

Enter the domain name of the DHCP server.

Server Preference

Enter the DHCP server preference value. The possible values

are 0–255, with 255 as the default setting.

This is an optional setting that specifies the server’s preference

value in a server advertise message. The client selects the

server with the highest preference value as the preferred

server.

Page 89 / 414

LAN Configuration

89

ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

4.

Click

Apply

to save your settings.

IPv6 DMZ Address Pools

If you configure a stateful DHCPv6 server for the DMZ, you need to add local DHCP IPv6

address pools so the DHCPv6 server can control the allocation of IPv6 addresses in the

DMZ.



To add an IPv6 DMZ address pool:

1.

On the DMZ Setup screen for IPv6 (see

Figure 43

on page 87), under the List of IPv6

Address Pools table, click

Add

. The DMZ IPv6 Config screen displays:

Figure 44.

DHCP Status

(continued)

DNS Server

Select one of the DNS server options from the drop-down lists:

•

Use DNS Proxy

. The wireless VPN firewall acts as a proxy

for all DNS requests and communicates with the ISP’s DNS

servers that you configured on the Broadband ISP Settings

(IPv6) screen (see

Configure a Static IPv6 Internet

Connection

on page 39).

•

Use DNS from ISP

. The wireless VPN firewall uses the ISP’s

DNS servers that you configured on the Broadband ISP

Settings (IPv6) screen (see

Configure a Static IPv6 Internet

Connection

on page 39).

•

Use below

. When you select this option, the DNS server

fields become available for you to enter IP addresses.

Primary DNS Server

Secondary DNS Server

Lease/Rebind

Time

Enter the period after which the DHCP lease is renewed with

the original DHCP server or rebound with another DHCP

server to extend the existing DHCP lease. The default period is

86400 seconds (24 hours).

Table 18.

DMZ Setup screen settings for IPv6 (continued)

Setting

Description

Page 90 / 414

LAN Configuration

90

ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

2.

Enter the settings as explained in the following table:

3.

Click

Apply

to save your changes and add the new IPv6 address pool to the List of IPv6

Address Pools table on the DMZ Setup (IPv6) screen.



To edit an IPv6 DMZ address pool:

1.

On the DMZ Setup screen for IPv6 (see

Figure 43

on page 87), click the

Edit

button in

the Action column for the address pool that you want to modify. The DMZ IPv6 Config

screen displays.

2.

Modify the settings as explained in the previous table.

3.

Click

Apply

to save your settings.



To delete one or more IPv6 DMZ address pools:

1.

On the DMZ Setup screen for IPv6 (see

Figure 43

on page 87), select the check box to

the left of each address pool that you want to delete, or click the

Select All

table button

to select all address pools.

2.

Click the

Delete

table button.

Configure the IPv6 Router Advertisement Daemon and

Advertisement Prefixes for the DMZ

Note:

If you do not configure stateful DHCPv6 for the DMZ but use

stateless DHCPv6, you need to configure the Router Advertisement

Deamon (RADVD) and advertisement prefixes.

The RADVD is an application that uses the Neighbor Discovery Protocol (NDP) to collect

link-local advertisements of IPv6 addresses and IPv6 prefixes in the DMZ. The RADVD then

distributes this information in the DMZ, which allows IPv6 clients to configure their own IPv6

address.

Table 19.

DMZ IPv6 Config screen settings

Setting

Description

Start IPv6 Address

Enter the start IP address. This address specifies the first of the contiguous

addresses in the IP address pool. Any new DHCPv6 client joining the DMZ is

assigned an IP address between this address and the end IP address.

End IPv6 Address

Enter the end IP address. This address specifies the last of the contiguous

addresses in the IP address pool. Any new DHCPv6 client joining the DMZ is

assigned an IP address between the start IP address and this IP address.

Prefix Length

Enter the IPv6 prefix length, for example, 10 or 64.

Rate

Popular NETGEAR Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share