1. Home
    2. /
  2. Manuals
    3. /
  3. Nokia
    4. /
  4. IP45
    5. /
  5. 22
Page 106 / 342 Scroll up to view Page 101 - 105
6
Managing your Local Area Network
106
Nokia IP45 Security Platform User’s Guide v4.0
8.
Click Apply.
The DMZ network values are successfully saved. Enter the new values as required to edit
the configured values.
Note
You can disable the DMZ network in the Nokia IP45 v4.0 security platform.
Configuring OfficeMode Network
Typically, when remote access is implemented, the client connects using an Internet IP address
locally assigned by an ISP. This can cause the following issues:
±
When two clients on the same network (for example: WLAN) use the internal VPN server,
they will not be able to communicate with each other over the secure VPN link. This is
because their IP addresses are on the same subnet and so they attempt to communicate
directly over the local network.
±
Some networking protocols or resources might require the IP address of the client to be an
internal one.
The IP45 v4.0 supports OfficeMode network that enables to assign a unique IP address to a
remote client, thus resolving the above mentioned issues. This unique IP address from the
predefined OfficeMode network is assigned when the user connects and authenticates.
Note
OfficeMode requires SecureClient installed on the VPN clients. Secure Remote OfficeMode
is not supported.
Note
Customizing DHCP options is not supported in OfficeMode.
You can configure OfficeMode by using the GUI or command-line interface.
To configure the OfficeMode settings
1.
Choose Network from the main menu and select My Network.
The My Network page opens with information about the OfficeMode configuration.
Note
By default, OfficeMode is disabled.
2.
Click Edit next to the OfficeMode.
The Edit Network Settings page opens with configurable information for OfficeMode.
Page 107 / 342
VLAN Support
Nokia IP45 Security Platform User’s Guide v4.0
107
3.
To enable, select Enabled from the Mode drop-down list.
4.
Type the values for IP Address, Subnet Mask and Hide NAT
5.
To enter the DHCP range manually, uncheck the Automatic DHCP Range check box.
6.
Enter the DHCP range in the provided text boxes.
7.
Click Apply.
For information about the commands, see the
Nokia IP45 CLI Reference Guide Version 4.0.
VLAN Support
A VLAN is a logical network behind your Nokia IP45. Computers in the same VLAN behave
like computers that are on the same physical network. Any traffic flows freely between these
without the intervention of the firewalls. Traffic between a VLAN and other networks flows as
per the security policy set by the user.
By configuring a VLAN, you can assign each division within your organization to different
VLANs regardless of their physical location. You can partition your network into several virtual
networks.
By default, traffic from VLAN to any other internal network is blocked. Hence, VLANs increase
security and reduce network congestion.
Nokia IP45 v4.0 supports tag-based Virtual LANs (VLANs).
Tag-Based VLANs
In a tag-based VLAN you use ports of one of the gateways as a 802.1Q VLAN trunk, connecting
Nokia IP45 to a VLAN switch. Each VLAN behind this trunk is assigned an identifying number
called VLAN ID or VLAN tag. Tagging ensures that traffic is directed to the correct VLAN.
Page 108 / 342
6
Managing your Local Area Network
108
Nokia IP45 Security Platform User’s Guide v4.0
All outgoing traffic from a tag-based VLAN contains the VLAN tag in the packet headers.
Incoming traffic to the VLAN must contain the VLAN tag as well, with out which, the packets
are dropped.
Configuring a VLAN
You can configure VLAN by using GUI and command-line interface.
The following sections provide information about how to configure a VLAN by using IP45 Web
portal (GUI).
To configure a VLAN
1.
Choose Network from the main menu.
2.
Click My Network.
The My Network page opens with an Add Network tab at the bottom.
3.
Click Add Network.
The Edit Network Settings page opens.
4.
In the Network Name text box, type a name for the VLAN network.
5.
From the Mode drop-down list, select Enabled.
6.
Enter the VLAN Tag value.
7.
In the IP Address text box, type the IP address of the default gateway for a VLAN network
gateway.
Note
The VLAN network must not overlap other networks.
8.
In the Subnet Mask field, type the internal network range.
Page 109 / 342
VLAN Support
Nokia IP45 Security Platform User’s Guide v4.0
109
9.
Enable or Disable Hide NAT.
10.
Select for Automatic DHCP range. To configure manually, see
“Configuring a DMZ
Network”
on page 104.
11.
Click Apply.
12.
Choose Network from the main menu.
13.
Click the Ports tab.
The Ports page opens.
14.
Click Edit at the DMZ/WAN2 option.
The Port Setup window opens.
15.
Select VLAN Trunk from the Assign to network drop-down list.
16.
Select the speed from the Link Configuration drop-down list.
Page 110 / 342
6
Managing your Local Area Network
110
Nokia IP45 Security Platform User’s Guide v4.0
17.
Click Apply.
The DMZ/WAN2 ports will no longer allow untagged packets.
18.
Configure a VLAN trunk (802.1Q) port on the VLAN-aware switch according to the vendor
instructions using the same VLAN IDs.
19.
Connect the DMZ port of your device to the VLAN trunk port of the VLAN aware switch.
Note
The DMZ/WAN2 port is indicated as DMZ port on your device.
Deleting a VLAN
The following procedure provides information about deleting a VLAN.
To delete a VLAN
1.
Choose Network from the main menu.
The Internet page opens.
2.
Click My Network.
3.
The My Network page opens with the list of VLANs, configured.
Table 19
VLAN Configuration Fields
Field
Description
Network Name
A name for the VLAN network.
Example: myvlan
Mode
Enabled/Disabled
VLAN Tag
VLAN tag.
Value: 1-4095
IP Address
IP address of the default gateway for VLAN network.
Subnet Mask
The internal network range.
Automatic
DHCP Range
Select this option to obtain the DHCP range automatically.

Rate

3.5 / 5 based on 2 votes.

Popular Nokia Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top