D-Link NetDefend DFL-210 User Manual page 82
Network security firewall
Hide thumbs
Also See for NetDefend DFL-210:
- User manual (495 pages) ,
- Log reference manual (476 pages) ,
- Cli reference manual (213 pages)
Table of Contents
Advertisement
3.3.2. Ethernet Interfaces
progressively smaller as the transmission rates get faster from normal Ethernet to Fast Ethernet and
then Gigabit Ethernet.
Each NetDefendOS Ethernet interface corresponds to a physical Ethernet port in the system. The
number of ports, their link speed and the way the ports are realized, is dependent on the hardware
model.
Ethernet Interface Names
The names of the Ethernet interfaces are pre-defined by the system, and are mapped to the names of
the physical ports; a system with a wan port will have an Ethernet interface named wan and so on.
The names of the Ethernet interfaces can be changed to better reflect their usage. For example, if an
interface named dmz is connected to a wireless LAN, it might be convenient to change the interface
name to radio. For maintenance and troubleshooting, it is recommended to tag the corresponding
physical port with the new name.
Ethernet IP Addresses
Each Ethernet interface is required to have an Interface IP Address, which can be either a static
address or an address provided by DHCP. The interface IP address is used as the primary address for
communicating with the system through the specific Ethernet interface.
The standard is to use IP4 Address objects to define the addresses of Ethernet interfaces. Those
objects are normally auto-generated by the system. For more information, please see Section 3.1.5,
"Auto-Generated Address Objects".
Changing the IP Address of an Ethernet Interface
To change the IP address on an interface, we can use one of two methods:
•
Change the IP address directly on the interface. For instance, if we want to change the IP address
of the lan interface to 10.1.1.2, we could use the CLI command:
gw-world:/> set Interface Ethernet lan IP=10.1.1.2
As explained next, this way of changing the IP address is not recommended.
•
Instead, the ip_lan object in the NetDefendOS Address Book should be assigned the new
address since it is this object that is used by many other NetDefendOS objects such as IP rules.
Note: Additional switch ports
Some systems use an integrated layer 2 switch for providing additional physical
Ethernet ports. Such additional ports are seen as a single interface by NetDefendOS.
Note: Interface enumeration
The startup process will enumerate all available Ethernet interfaces. Each interface
will be given a name of the form lanN, wanN and dmz, where N represents the number
of the interface if your D-Link Firewall has more than one of these interfaces. In most
of the examples in this guide lan is used for LAN traffic and wan is used for WAN
traffic. If your D-Link Firewall does not have these interfaces, please substitute the
references with the name of your chosen interface.
Tip: Specifying multiple IP addresses on an interface
Multiple IP addresses can be specified for an Ethernet interface by using the ARP
Publish feature. (For more information, see Section 3.4, "ARP").
82
Chapter 3. Fundamentals
- Quick Links:
- The Cli
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
