Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual
C-10
Networks, Routing, and Firewall Basics
December 2003, M-10041-01
When a PC accesses a resource by its descriptive name, it first contacts a DNS server to obtain the
IP address of the resource. The PC sends the desired message using the IP address. Many large
organizations, such as ISPs, maintain their own DNS servers and allow their customers to use the
servers to look up addresses.
IP Configuration by DHCP
When an IP-based local area network is installed, each PC must be configured with an IP address.
If the computers need to access the Internet, they should also be configured with a gateway address
and one or more DNS server addresses. As an alternative to manual configuration, there is a
method by which each PC on the network can automatically obtain this configuration information.
A device on the network may act as a Dynamic Host Configuration Protocol (DHCP) server. The
DHCP server stores a list or pool of IP addresses, along with other information (such as gateway
and DNS addresses) that it may assign to the other devices on the network. The FVS328 Firewall
has the capacity to act as a DHCP server.
The FVS328 Firewall also functions as a DHCP client when connecting to the ISP. The firewall
can automatically obtain an IP address, subnet mask, DNS server addresses, and a gateway address
if the ISP provides this information by DHCP.
Internet Security and Firewalls
When your LAN connects to the Internet through a router, an opportunity is created for outsiders
to access or disrupt your network. A NAT router provides some protection because by the very
nature of the Network Address Translation (NAT) process, the network behind the NAT router is
shielded from access by outsiders on the Internet. However, there are methods by which a
determined hacker can possibly obtain information about your network or at the least can disrupt
your Internet access. A greater degree of protection is provided by a firewall router.