1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. FVS338
    5. /
  5. 10
Page 46 / 178 Scroll up to view Page 41 - 45
FVS338 ProSafe VPN Firewall 50 Reference Manual
3-2
LAN Configuration
v1.0, September 2006
To modify your LAN setup:
1.
Select
Network Configuration
from the main menu and
LAN Setup
from the submenu. The
LAN Setup
screen will display.
2.
Enter the
IP Address
of your router (factory default:
192.168.1.1
). (Always make sure that the
LAN Port IP address and DMZ port IP address are in different subnets.)
3.
Enter the
IP Subnet Mask
. The subnet mask specifies the network number portion of an IP
address. Your router will automatically calculate the subnet mask based on the IP address that
you assign. Unless you are implementing subnetting, use 255.255.255.0 as the subnet mask
(computed by the router).
4.
Check the
Enable DHCP Server
radio button. By default, the router will function as a DHCP
(Dynamic Host Configuration Protocol) server, providing TCP/IP configuration for all
computers connected to the router's LAN. If another device on your network will be the DHCP
server, or if you will manually configure all devices, check the
Disable DHCP Server
radio
button. Enable DHCP Server is the default. If Enabled is selected, enter the following
parameters:
a.
Enter the
Domain Name
of the router (this is optional).
Figure 3-1
Page 47 / 178
FVS338 ProSafe VPN Firewall 50 Reference Manual
LAN Configuration
3-3
v1.0, September 2006
b.
Enter the
Starting IP Address
. This address specifies the first of the contiguous addresses
in the IP address pool. Any new DHCP client joining the LAN will be assigned an IP
address between this address and the Ending IP Address. The IP address 192.168.1.2 is the
default start address.
c.
Enter the
Ending IP Address
. This address specifies the last of the contiguous addresses
in the IP address pool. Any new DHCP client joining the LAN will be assigned an IP
address between the Starting IP address and this IP address. The IP address 192.168.1.100
is the default ending address.
d.
Enter a
WINS Server
IP address. This box can specify the Windows NetBios Server IP if
one is present in your network. This field is optional.
e.
Enter a
Lease Time.
This specifies the duration for which IP addresses will be leased to
clients.
f.
Check the
Enable DNS Proxy
radio box. This is optional—the default is enabled. If
enabled, the VPN firewall will provide a LAN IP Address for DNS address name
resolution.
5.
Click
Apply
to save your settings.
6.
Click
Reset
to discard any changes and revert to the previous configuration.
Note:
The Starting and Ending DHCP addresses should be in the same “network”
as the LAN TCP/IP address of the router (the IP Address in
LAN TCP/IP
Setup
section).
Note:
If you change the LAN IP address of the firewall while connected through the
browser, you will be disconnected. You must then open a new connection to
the new IP address and log in again. For example, if you change the default IP
address
192.168.1.1
to
10.0.0.1
, you must enter
in your browser
to connect to the web management interface.
Note:
Once you have completed the LAN IP setup, all outbound traffic is allowed
and all inbound traffic is discarded. To change these traffic rules, refer to
Chapter 4, “Firewall Protection and Content Filtering
.”
Page 48 / 178
FVS338 ProSafe VPN Firewall 50 Reference Manual
3-4
LAN Configuration
v1.0, September 2006
Configuring Multi-Home LAN IPs
If you have computers that are using different IP address ranges in the LAN (for example,
172.16.2.0 or 10.0.0.0), then you can add “aliases” to the LAN port which give computers on those
networks access to the Internet. This allows the firewall to act as a gateway to additional logical
subnets on your LAN.
To add a secondary LAN IP address:
1.
Select
Network Configuration
from the main menu and
LAN Setup
from the secondary
menu. Click the
Multi Home LAN IPs Setup
link (see
Figure 3-2 on page 3-4
) The
Secondary LAN IP Setup screen will display.
2.
Enter the Secondary IP address and Subnet Mask and click
Add.
The Secondary IP address
will be added to the
Available Secondary LAN IPs
table.
Note:
Additional IP addresses cannot be configured in the DHCP server. The hosts on
the secondary subnets must be manually configured with IP addresses,
gateway IP and DNS server IP addresses.
Figure 3-2
Tip:
The Secondary LAN IP address will be assigned to the LAN interface of the
router and can be used as a gateway by the secondary subnet.
Page 49 / 178
FVS338 ProSafe VPN Firewall 50 Reference Manual
LAN Configuration
3-5
v1.0, September 2006
Managing Groups and Hosts
The
Known PCs and Devices
table on the
Groups and Hosts
screen contains a list of all known
PCs and network devices, as well as hosts, that are assigned dynamic IP addresses by this router.
Collectively, these entries make up the Network Database. The Network Database is created in two
ways:
Using the DHCP Server.
The router’s DHCP server will accept and respond to DHCP client
requests from PCs and other network devices. Every computer that is responded to will be
added to the Network Database in the
Known PCs and Devices
table.
Scanning the Network
. The router will scan the local network periodically, using standard
methods such as ARP and NetBIOS, to detect active computers or devices which are not
DHCP clients. For computers that do not support the NetBIOS protocol, the name will be
displayed in the
known PCs and Devices
table as “Unknown”.
Creating the Network Database
The Network Database offers a number of advantages:
Generally, you do not need to enter either IP address or MAC addresses. Instead, you can just
select the desired PC or device.
No need to reserve an IP address for a PC in the DHCP Server. All IP address assignments
made by the DHCP Server will be maintained until the PC or device is removed from the
database, either by expiry (inactive for a long time) or by you.
No need to use a Fixed IP on PCs. Because the address allocated by the DHCP Server will
never change, you don't need to assign a fixed IP to a PC to ensure it always has the same IP
address.
MAC-level Control over PCs. The Network Database uses the MAC address to identify each
PC or device. So changing a PC's IP address does not affect any restrictions on that PC.
Group and Individual Control over PCs
You can assign PCs to Groups and apply restrictions to each Group using the Firewall
Rules screen (see
“Services-Based Rules” on page 4-2
).
You can also select the Groups to be covered by the Block Sites feature (see
“Setting
Block Sites (Content Filtering)” on page 4-21
).
If necessary, you can also create Firewall Rules to apply to a single PC (see
“Enabling
Source MAC Filtering” on page 4-23
). Because the MAC address is used to identify each
PC, users cannot avoid these restrictions by changing their IP address.
Page 50 / 178
FVS338 ProSafe VPN Firewall 50 Reference Manual
3-6
LAN Configuration
v1.0, September 2006
A computer is identified by its MAC address—not its IP address. Hence, changing a
computer’s IP address does not affect any restrictions applied to that PC.
This
Known PCs and Devices
table lists entries in the Network Database. For each computer or
device, the following fields are displayed:
Name
: The name of the PC or device. For computers that do not support the NetBIOS
protocol, this will be listed as “Unknown” (you can edit the entry manually to add a
meaningful name). If the computer was assigned an IP address by the DHCP server, then the
Name will be appended by an asterisk.
IP Address
: The current IP address of the computer. For DHCP clients of the router, this IP
address will not change. If a computer is assigned a static IP addresses, you will need to update
this entry manually if the IP address on the computer has been changed.
MAC Address
: The MAC address of the PC’s network interface.
Group
: Each PC or device can be assigned to a single group. By default, a computer is
assigned to Group 1, unless a different group is selected from the Group pull-down menu.
Action
: Allows modification of the selected entry by clicking Edit.
To add computers to the network database manually:
1.
Select
Network Configuration
from the main menu and
LAN Groups
from the submenu.
The
Groups and Hosts
screen will display.
2.
In the
Add Known PCs and Devices
table, enter the name of the PC or device.
3.
Enter the
IP Address Type
. Select
Reserved (DHCP Client)
to direct the router to reserve the
IP address for allocation by the DHCP server. Select
Fixed (Set on PC)
if the IP address is
statically assigned on the computer.
4.
Enter the
IP Address
that this computer or device is assigned. If the IP Address Type is
Reserved (DHCP Client), the router will reserve the IP address for the associated MAC
address.
5.
Enter the
MAC Address
of the computer. The MAC address should be in the form:
xx:xx:xx:xx:xx:xx (for example: 00:80:48:2a:8b:c0)
6.
From the
Group
pull-down menu, select the group to which the computer will be assigned.
7.
Click
Add
to add the new entry to the network database in the
Known PCs and Devices
table.
Note:
When specifying a Reserved IP address, make sure that you select an IP
address outside of the DHCP Server pool of addresses.

Rate

3.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top