LAN Configuration
96
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
2. Modify the IP address or subnet mask, or both.
3. Click Apply to save your settings.
To delete one or more secondary LAN IP addresses:
1. On the LAN Multi-homing screen for IPv4 (see the previous figure), select the check box to the left of each secondary IP address that you want to delete, or click the Select All table button to select all secondary IP addresses.
2. Click the Delete table button.
Manage IPv4 Groups and Hosts (IPv4 LAN Groups)
- Manage the Network Database
- Change Group Names in the Network Database
- Set Up DHCP Address Reservation
The Known PCs and Devices table on the LAN Groups (IPv4) screen (see Figure 55 on page 97) contains a list of all known computers and network devices that are assigned dynamic IP addresses by the VPN firewall, have been discovered by other means, or were entered manually. Collectively, these entries make up the network database.
The network database is updated by these methods:
- DHCP client requests. When the DHCP server is enabled, it accepts and responds to DHCP client requests from computers and other network devices. These requests also generate an entry in the network database. This is an advantage of enabling the DHCP server feature.
- Scanning the network. The local network is scanned using Address Resolution Protocol (ARP) requests. The ARP scan detects active devices that are not DHCP clients.
  Note: In large networks, scanning the network might generate unwanted traffic.
  Note: When the VPN firewall receives a reply to an ARP request, it might not be able to determine the device name if the software firewall of the device blocks the name.
- Manual entry. You can manually enter information about a network device.
These are some advantages of the network database:
- Generally, you do not need to enter an IP address or a MAC address. Instead, you can select the name of the desired computer or device.
- There is no need to reserve an IP address for a computer in the DHCP server. All IP address assignments made by the DHCP server are maintained until the computer or device is removed from the network database, either by expiration (inactive for a long time) or by you.
- There is no need to use a fixed IP address on a computer. Because the IP address allocated by the DHCP server never changes, you do not need to assign a fixed IP address to a computer to ensure that it always has the same IP address.
- A computer is identified by its MAC address, not its IP address. The network database uses the MAC address to identify each computer or device. Therefore, changing a computer’s IP address does not affect any restrictions applied to that computer.
- Control over computers can be assigned to groups and individuals:
  - You can assign computers to groups (see Manage the Network Database on this page) and apply restrictions (outbound rules and inbound rules) to each group (see Overview of Rules to Block or Allow Specific Kinds of Traffic on page 136).
  - You can select groups that are allowed access to URLs that you have blocked for other groups, or the other way around, block access to URLs that you have allowed access to for groups (see Configure Content Filtering on page 186).
  - If necessary, you can also create firewall rules to apply to a single computer (see Enable Source MAC Filtering on page 190). Because the MAC address is used to identify each computer, users cannot avoid these restrictions by changing their IP address.
Manage the Network Database
You can view the network database, manually add or remove database entries, and edit database entries.
To view the network database, select Network Configuration > LAN Settings > LAN Groups. The LAN Groups screen displays. (The following figure shows some manually added devices in the Known PCs and Devices table as an example.)
Figure 55.
The Known PCs and Devices table lists the entries in the network database. For each computer or device, the following fields display:
- Check box. Allows you to select the computer or device in the table.
- Name. The name of the computer or device. For computers that do not support the NetBIOS protocol, the name is displayed as Unknown (you can edit the entry manually to add a meaningful name). If the computer or device was assigned an IP address by the DHCP server, an asterisk is appended to the name.
- IP Address. The current IP address of the computer or device. For DHCP clients of the VPN firewall, this IP address does not change. If a computer or device is assigned a static IP address, you need to update this entry manually after the IP address on the computer or device has changed.
- MAC Address. The MAC address of the computer or device’s network interface.
- Group. Each computer or device can be assigned to a single LAN group. By default, a computer or device is assigned to Group 1. You can select a different LAN group from the Group drop-down list in the Add Known PCs and Devices section or on the Edit Groups and Hosts screen.
- Profile Name. Each computer or device can be assigned to a single VLAN. By default, a computer or device is assigned to the default VLAN (VLAN 1). You can select a different VLAN profile name from the Profile Name drop-down list in the Add Known PCs and Devices section or on the Edit Groups and Hosts screen.
- Action. The Edit table button, which provides access to the Edit Groups and Hosts screen.
Add Computers or Devices to the Network Database
To add computers or devices manually to the network database:
1. In the Add Known PCs and Devices section of the LAN Groups screen (see the previous figure), enter the settings as described in the following table:

Table 17. Add Known PCs and Devices section settings

| Setting | Description |
|---|---|
| Name | Enter the name of the computer or device. |
| IP Address Type | From the drop-down list, select how the computer or device receives its IP address: Fixed (set on PC): The IP address is statically assigned on the computer or device. Reserved (DHCP Client): The DHCP server of the VPN firewall always assigns the specified IP address to this client during the DHCP negotiation (see also Set Up DHCP Address Reservation on page 101). Note: For both types of IP addresses, the VPN firewall reserves the IP address for the associated MAC address. |
| IP Address | Enter the IP address that this computer or device is assigned to: If the IP address type is Fixed (set on PC), the IP address needs to be outside of the address range that is allocated to the DHCP server pool to prevent the IP address from also being allocated by the DHCP server. If the IP address type is Reserved (DHCP Client), the IP address can be inside or outside the address range that is allocated to the DHCP server pool. Note: Make sure that the IP address is in the IP subnet for the VLAN profile that you select from the Profile Name drop-down list. |
| MAC Address | Enter the MAC address of the computer’s or device’s network interface. The MAC address format is six colon-separated pairs of hexadecimal characters (0–9 and a–f), such as 01:23:d2:6f:89:ab. |
| Group | From the drop-down list, select the group to which the computer or device is assigned. (Group 1 is the default group.) |
| Profile Name | From the drop-down list, select the name of the VLAN profile to which the computer or device is assigned. |

2. Click the Add table button to add the computer or device to the Known PCs and Devices table.
3. As an optional step: To save the binding between the IP address and MAC address for the entry that you just added to the Known PCs and Devices table, select the check box for the table entry, and click the Save Binding button.
Note: The saved binding is also displayed on the IP/MAC Binding screen (see Figure 116 on page 193).

Edit Computers or Devices in the Network Database
To edit computers or devices manually in the network database:
1. In the Known PCs and Devices table of the LAN Groups screen (see Figure 55 on page 97), click the Edit table button of a table entry. The Edit LAN Groups screen displays (see the following figure, which contains an example).
Figure 56.
2. Modify the settings as described in Table 17 on page 98.
3. Click Apply to save your settings in the Known PCs and Devices table.
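
The address rules in Table 17 apply whenever an entry is added or edited, and a planned device list can be checked against them before it is typed into the LAN Groups screen. The following is an added example, not code from this manual or from the VPN firewall; the subnet, DHCP pool range, device names and the duplicate-MAC check are assumptions made for illustration.

```python
import ipaddress
import re

# Table 17 MAC format: six colon-separated pairs of hexadecimal characters.
MAC_RE = re.compile(r"[0-9a-f]{2}(:[0-9a-f]{2}){5}")

def check_entries(entries, subnet, pool_start, pool_end):
    """Return (name, problem) pairs for planned Known PCs and Devices entries."""
    net = ipaddress.ip_network(subnet)
    lo, hi = ipaddress.ip_address(pool_start), ipaddress.ip_address(pool_end)
    problems, seen_macs = [], {}
    for e in entries:
        name, mac = e["name"], e["mac"].lower()
        if not MAC_RE.fullmatch(mac):
            problems.append((name, "bad MAC format"))
        elif mac in seen_macs:
            # Added sanity check (not from the manual): the database keys
            # devices by MAC address, so a repeated MAC is likely a typo.
            problems.append((name, "MAC duplicates " + seen_macs[mac]))
        else:
            seen_macs[mac] = name
        try:
            ip = ipaddress.ip_address(e["ip"])
        except ValueError:
            problems.append((name, "invalid IP address"))
            continue
        if ip not in net:
            problems.append((name, "IP outside VLAN subnet"))
        # Fixed addresses must stay out of the DHCP pool; reserved ones may
        # be inside or outside it.
        elif e["type"] == "fixed" and lo <= ip <= hi:
            problems.append((name, "fixed IP inside DHCP pool"))
    return problems

# Constructed sample plan; subnet, pool range and devices are hypothetical.
PLAN = [
    {"name": "printer", "type": "fixed", "ip": "192.168.1.20", "mac": "01:23:d2:6f:89:ab"},
    {"name": "nas", "type": "reserved", "ip": "192.168.1.150", "mac": "01:23:d2:6f:89:ac"},
    {"name": "camera", "type": "fixed", "ip": "192.168.1.120", "mac": "01:23:d2:6f:89:ad"},
    {"name": "kiosk", "type": "reserved", "ip": "192.168.2.5", "mac": "01-23-d2-6f-89-ae"},
]

def run_plan():
    return check_entries(PLAN, "192.168.1.0/24", "192.168.1.100", "192.168.1.200")

if __name__ == "__main__":
    for name, problem in run_plan():
        print(f"{name}: {problem}")
```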
Deleting Computers or Devices from the Network Database
To delete one or more computers or devices from the network database:
1. On the LAN Groups screen (see Figure 55 on page 97), select the check box to the left of each computer or device that you want to delete, or click the Select All table button to select all computers and devices.
2. Click the Delete table button.
Note: If you delete a saved binding between an IP and MAC address on the LAN Groups screen, make sure that you also delete the binding on the IP/MAC Binding screen (see Figure 116 on page 193).
Change Group Names in the Network Database
By default, the groups are named Group1 through Group8. You can change these group
names to be more descriptive, such as GlobalMarketing and GlobalSales.
To edit the name of one of the eight available groups:
1. Select Network Configuration > LAN Settings > LAN Groups. The LAN Groups screen displays (see Figure 55 on page 97, which shows some examples in the Known PCs and Devices table).
2. Click the Edit Group Names option arrow to the right of the LAN submenu tabs. The Network Database Group Names screen displays. (The following figure shows some examples.)
