1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. SRX5308
    5. /
  5. 21
Page 101 / 469 Scroll up to view Page 96 - 100
LAN Configuration
101
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Figure 57.
3.
Select the radio button next to the group name that you want to change.
4.
Type a new name in the field. The maximum number of characters is 15. Do not use a
double quote (''), single quote('), or space in the name.
5.
Click
Apply
to save your settings.
Note:
You can change only one group name at a time.
Set Up DHCP Address Reservation
When you specify a reserved IP address for a computer or device on the LAN (based on the
MAC address of the device), that computer or device always receives the same IP address
each time it accesses the VPN firewall’s DHCP server. Reserved IP addresses should be
assigned to servers or access points that require permanent IP address settings. The
reserved IP address that you select needs to be outside of the DHCP server pool.
To reserve and bind an IP address to a MAC address, select
Reserved (DHCP Client)
from
the IP Address Type drop-down list on the LAN Groups screen and save the binding by
clicking the Save Binding button on the same screen. For detailed steps, see
Add Computers
or Devices to the Network Database
on page
98.
Note:
The reserved address is not assigned until the next time the
computer or device contacts the VPN firewall’s DHCP server.
Reboot the computer or device, or access its IP configuration and
force a DHCP release and renew.
Page 102 / 469
LAN Configuration
102
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Note:
The saved binding is also displayed on the IP/MAC Binding screen
(see
Figure
116
on page
193).
Manage the IPv6 LAN
DHCPv6 Server Options
Configure the IPv6 LAN
Configure the IPv6 Router Advertisement Daemon and Advertisement Prefixes for the
LAN
An IPv6 LAN typically functions with site-local and link-local unicast addresses. Each
physical interface requires an IPv6 link-local address that is automatically derived from the
MAC addresses of the IPv4 interface and that is used for address configuration and neighbor
discovery. (Normally, you would not manually configure a link-local address.)
Traffic with site-local or link-local addresses is never forwarded by the VPN firewall (or by any
other router), that is, the traffic remains in the LAN subnet and is processed over the default
VLAN only. A site-local address always starts with fec0 (hexadecimal); a link-local unicast
address always starts with FE80 (hexadecimal). To forward traffic from sources with a site
local or link-local unicast address in the LAN, a DHCP server is required. For more
information about link-local unicast addresses, see
Configure ISATAP Automatic Tunneling
on page
65.
Because each interface is automatically assigned a link-local IP address, it is not useful to
assign another link-local IP address as the default IPv6 LAN address. The default IPv6 LAN
address is a site-local address. You can change this address to any other IPv6 address for
LAN use.
Note:
Site-local addresses, that is, addresses that start with fec0, have
been depreciated. However, NETGEAR has implemented a
site-local address as a
temporary
default IPv6 LAN address that you
can replace with another LAN address. The firewall restricts external
communication of this default site-local address.
Page 103 / 469
LAN Configuration
103
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
DHCPv6 Server Options
The IPv6 clients in the LAN can autoconfigure their own IPv6 address or obtain an IPv6
address through a DHCPv6 server. For the LAN, there are three DHCPv6 options:
Stateless DHCPv6 Server
The IPv6 clients in the LAN generate their own IP address by using a combination of locally
available information and router advertisements, but receive DNS server information from the
DHCPv6 server. For stateless DHCPv6, you need to configure the RADVD and
advertisement prefixes (see
Configure the IPv6 Router Advertisement Daemon and
Advertisement Prefixes for the LAN
on page
109).
Stateless DHCPv6 Server With Prefix Delegation
As an option for a stateless DHCPv6 server, you can enable prefix delegation. The ISP’s
stateful
DHCPv6 server assigns a prefix that is used by the VPN firewall’s
stateless
DHCPv6
server to assign to its IPv6 LAN clients.
Prefix delegation functions in the following way:
1.
The VPN firewall’s DHCPv6 client requests prefix delegation from the ISP.
You need to select the Prefix Delegation check box on the ISP IPv6 WAN Settings screen
(see
Use a DHCPv6 Server to Configure an IPv6 Internet Connection
on page
55).
2.
The ISP allocates a prefix to the VPN firewall.
This prefix is automatically added to the List of Prefixes to Advertise table on the LAN
RADVD screen for IPv6 (see
Configure the IPv6 Router Advertisement Daemon and
Advertisement Prefixes for the LAN
on page
109).
3.
The stateless DHCPv6 server allocates the prefix to the IPv6 LAN clients through the
RADVD. When prefix delegation is enabled, the RADVD advertises the following prefixes:
The prefix that was added through prefix delegation.
Prefixes that you manually added to the List of Prefixes to Advertise table on the
RADVD screen.
You need to perform the following tasks:
Select the Prefix Delegation check box on the LAN Setup screen for IPv6 (see
Configure the IPv6 LAN
on page
104).
Configure the RADVD (see
Configure the IPv6 Router Advertisement Daemon and
Advertisement Prefixes for the LAN
on page
109).
Optionally, manually add prefixes to the List of Prefixes for Prefix Delegation table on
the LAN Setup screen for IPv6 (see
IPv6 LAN Prefixes for Prefix Delegation
on
page
107).
Optionally, manually add prefixes to List of Prefixes to Advertise table on the RADVD
screen (see
Advertisement Prefixes for the LAN
on page
111).
Page 104 / 469
LAN Configuration
104
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Stateful DHCPv6 Server
The IPv6 clients in the LAN obtain an interface IP address, configuration information such as
DNS server information, and other parameters from the DHCPv6 server. The IP address is a
dynamic address. For stateful DHCPv6, you need to configure IPv6 address pools (see
IPv6
LAN Address Pools
on page
106).
Configure the IPv6 LAN
To configure the IPv6 LAN settings:
1.
Select
Network Configuration > LAN Settings
.
2.
In the upper right of the screen, select the
IPv6
radio button. The LAN Setup screen displays
the IPv6 settings. (The following figure contains some examples.)
Figure 58.
Page 105 / 469
LAN Configuration
105
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
3.
Enter the settings as described in the following table. The IPv6 address pools and prefixes
for prefix delegation are described in the sections following the table.
Table 18.
LAN Setup screen settings for IPv6
Setting
Description
IPv6 LAN Setup
IPv6 Address
Enter the LAN IPv6 address. The default address is fec0::1.(For more information, see
the introduction to this section,
Manage the IPv6 LAN
.)
IPv6 Prefix Length
Enter the IPv6 prefix length, for example, 10 or 64. The default prefix length is 64.
DHCPv6
DHCP Status
Specify the status of the DHCPv6 server:
Disable DHCPv6 Server
. This is the default setting, and the DHCPv6 fields are
masked out.
Enable the DHCPv6 Server
. If you enable the server, you need to complete the
DHCPv6 fields.
DHCP Mode
Select one of the DHCPv6 modes from the drop-down list:
Stateless
. The IPv6 clients generate their own IP address by
using a combination of locally available information and
router advertisements, but receive DNS server information
from the DHCPv6 server. For stateless DHCPv6, you need
to configure the RADVD and advertisement prefixes (see
Configure the IPv6 Router Advertisement Daemon and
Advertisement Prefixes for the LAN
on page
109). As an
option, you can enable prefix delegation (see the explanation
further down in this table).
Stateful
. The IPv6 clients obtain an interface IP address,
configuration information such as DNS server information,
and other parameters from the DHCPv6 server. The IP
address is a dynamic address. You need to add IPv6
address pools to the List of IPv6 Address Pools table on the
LAN Setup screen (see
IPv6 LAN Address Pools
on
page
106).
Prefix Delegation
If you have selected the
stateless
DHCPv6 mode, you can select
the Prefix Delegation check box:
Prefix delegation check box is selected
. The stateless
DHCPv6 server assigns prefixes to its IPv6 LAN clients.
Make sure that the Prefix Delegation check box on the WAN
IPv6 ISP Settings screen is also selected (see
Use a
DHCPv6 Server to Configure an IPv6 Internet Connection
on
page
55) to enable the VPN firewall to acquire a prefix from
the ISP through prefix delegation. In this configuration, a
prefix is automatically added to the List of Prefixes to
Advertise table on the LAN RADVD screen for IPv6 (see
Configure the IPv6 Router Advertisement Daemon and
Advertisement Prefixes for the LAN
on page
109).
Prefix delegation check box is cleared
. Prefix delegation
is disabled in the LAN. This is the default setting.
Domain Name
Enter the domain name of the DHCP server.

Rate

3.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top