Page 41 / 414 Scroll up to view Page 36 - 40
Internet and Broadband Settings
41
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
6.
To verify the connection, click the
Status
option arrow in the upper right of the screen to
display the Connection Status pop-up screen. (The following figure shows a static IP
address configuration; the IP addresses are not related to any other examples in this
manual.)
Figure 20.
The Connection Status screen should show a valid IP address and gateway, and you are
connected to the Internet. If the configuration was not successful, see
Troubleshoot the
ISP Connection
on page 370.
Note:
For more information about the Connection Status screen, see
View
the WAN Port Status
on page 356.
Note:
If your ISP requires MAC authentication and another MAC address
has been previously registered with your ISP, then you need to enter
that address on the Broadband Advanced Options screen for the
corresponding WAN interface (see
Configure Advanced WAN
Options and Other Tasks
on page 47).
Configure 6to4 Automatic Tunneling
If your network is an isolated IPv6 network that is not connected to an IPv6 ISP, you need to
make sure that the IPv6 packets can travel over the IPv4 Internet backbone by enabling
automatic 6to4 tunneling.
6to4 is a WAN tunnel mechanism for automatic tunneling of IPv6 traffic between a device
with an IPv6 address and a device with an IPv4 address, or the other way around. 6to4
tunneling is used to transfer IPv6 traffic between LAN IPv6 hosts and WAN IPv6 networks
over the IPv4 network.
Page 42 / 414
Internet and Broadband Settings
42
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
With 6to4 tunnels, IPv6 packets are embedded within the IPv4 packet and then transported
over the IPv4 network. You do not need to specify remote tunnel endpoints, which are
automatically determined by relay routers on the Internet. You cannot use 6to4 tunnels for
traffic between IPv4-only devices and IPv6-only devices.
Note:
If the wireless VPN firewall functions as the endpoint for 6to4
tunnels in your network, make sure that the wireless VPN firewall
has a static IPv4 address (see
Manually Configure an IPv4 Internet
Connection
on page 31). A dynamic IPv4 address can cause routing
problems on the 6to4 tunnels.
Note:
If you do not use a stateful DHCPv6 server in your LAN, you need to
configure the Router Advertisement Daemon (RADVD), and set up
6to4 advertisement prefixes for 6to4 tunneling to function correctly.
For more information, see
Manage the IPv6 LAN
on page 70.
Typically, 6to4 tunnel addresses start with a 2002 prefix (decimal notification). On the
wireless VPN firewall, a 6to4 tunnel is indicated by sit0-WAN1 (see
View the Tunnel Status
and IPv6 Addresses
on page 45).
To enable 6to4 automatic tunneling:
1.
Select
Network Configuration > WAN Settings > 6 to 4 Tunneling
.
Figure 21.
2.
Select the
Enable Automatic Tunneling
check box.
3.
Click
Apply
to save your changes.
Configure ISATAP Automatic Tunnelling
If your network is an IPv4 network or IPv6 network that consists of both IPv4 and IPv6
devices, you need to make sure that the IPv6 packets can travel over the IPv4 intranet by
Page 43 / 414
Internet and Broadband Settings
43
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
enabling and configuring Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)
tunneling.
ISATAP is a LAN tunnel mechanism in which the IPv4 network functions as a virtual IPv6
local link. Each IPv4 address is mapped to a link-local IPv6 address, that is, the IPv4 address
is used in the interface portion of the IPv6 address. ISATAP tunneling is used intra-site, that
is, between addresses in the LAN. For more information about link-local addresses, see
Manage the IPv6 LAN
on page 70.
Note:
If you do not use a stateful DHCPv6 server in your LAN, you need to
configure the Router Advertisement Daemon (RADVD), and set up
ISATAP advertisement prefixes (which are referred to as
Global/Local/ISATAP prefixes) for ISATAP tunneling to function
correctly. For more information, see
Manage the IPv6 LAN
on
page 70.
The wireless VPN firewall determines the link-local address by concatenating the IPv6
address with the 32 bits of the IPv4 host address:
For a unique global address:
fe80:0000:0000:0000:0000:5efe (or fe80::5efe) is concatenated with the IPv4 address.
For example, fe80::5efe with 10.29.33.4 becomes fe80::5efe:10.29.33.4, or in
hexadecimal format, fe80::5efe:a1d:2104.
For a private address:
fe80:0000:0000:0000:0200:5efe (or fe80::200:5efe) is concatenated with the IPv4
address. For example, fe80::200:5efe with 192.168.1.1 becomes
fe80::200:5efe:192.168.1.1, or in hexadecimal format, fe80::200:5efe:c0a8:101.
To configure an ISATAP tunnel:
1.
Select
Network Configuration > WAN Settings > ISATAP Tunnels
. The ISATAP
Tunnels screen displays. (The following figure shows some examples.)
Figure 22.
Page 44 / 414
Internet and Broadband Settings
44
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
2.
Click the
Add
table button under the List of Available ISATAP Tunnels table. The Add
ISATAP Tunnel screen displays:
Figure 23.
3.
Specify the tunnel settings as explained in the following table.
4.
Click
Apply
to save your changes.
To edit an ISATAP tunnel:
1.
On the ISATAP Tunnels screen, click the
Edit
button in the Action column for the tunnel
that you want to modify. The Edit ISATAP Tunnel screen displays. This screen is
identical to the Add ISATAP Tunnel screen.
2.
Modify the settings as explained in the previous table.
3.
Click
Apply
to save your settings.
To delete one or more tunnels:
1.
On the ISATAP Tunnels screen, select the check box to the left of each tunnel that you
want to delete, or click the
Select All
table button to select all tunnels.
2.
Click the
Delete
table button.
Table 7.
Add ISATAP Tunnel screen settings
Setting
Description
ISATAP Subnet Prefix
The IPv6 prefix for the tunnel.
Local End Point
Address
From the drop-down list, select the type of local address:
LAN
. The local end point address is the address of the default VLAN.
Other IP
. The local end point address is another LAN IP address that you need
to specify in the IPv4 Address fields.
IPv4 Address
If you select Other IP from the Local End Point Address drop-down list, enter the
IPv4 address.
Page 45 / 414
Internet and Broadband Settings
45
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
View the Tunnel Status and IPv6 Addresses
The IPv6 Tunnel Status screen displays the status of all active 6to4 and ISATAP tunnels and
their IPv6 addresses.
To view the status of the tunnels and IPv6 addresses:
Select
Monitoring > Router Status > Tunnel Status
. The Tunnel Status screen displays:
Figure 24.
The IPv6 Tunnel Status table shows the following fields:
Tunnel Name
. The tunnel name for the 6to4 tunnel is always sit0-WAN1 (SIT stands for
simple Internet transition); the tunnel name for an ISATAP tunnel is isatapx-LAN, in which
x is an integer.
IPv6 Address
. The IPv6 address of the local tunnel endpoint.
Configure Dynamic DNS
Dynamic DNS (DDNS) is an Internet service that allows devices with varying public IPv4
addresses to be located using Internet domain names. To use DDNS, you need to set up an
account with a DDNS provider such as DynDNS.org, TZO.com, Oray.net, or 3322.org. (Links
to DynDNS, TZO, Oray, and 3322 are provided for your convenience as option arrows on the
DDNS configuration screens.) The wireless VPN firewall firmware includes software that
notifies DDNS servers of changes in the WAN IP address so that the services running on this
network can be accessed by others on the Internet.
If your network has a permanently assigned IP address, you can register a domain name and
have that name linked with your IP address by public Domain Name Servers (DNS).
However, if your Internet account uses a dynamically assigned IP address, you will not know
in advance what your IP address will be, and the address can change frequently—hence, the
need for a commercial DDNS service, which allows you to register an extension to its
domain, and restores DNS requests for the resulting fully qualified domain name (FQDN) to
your frequently changing IP address.
After you have configured your account information on the wireless VPN firewall, when your
ISP-assigned IP address changes, your wireless VPN firewall automatically contacts your
DDNS service provider, logs in to your account, and registers your new IP address.

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top