Chapter 11. Network Configuration
- Table of Contents
- Networks and Computers
- Interface Eth0, Eth1, ...
- NAT
- PPPoE
Under Network, you configure:
Network groups which are used for the firewall configuration
The firewall's IP addresses on all network interfaces
Routings for the networks so that computers behind routers can be contacted
NAT (IP masquerading)
PPPoE settings
Networks and Computers
Here, you name groups of computers and networks. Sometimes it can be useful to give a group of computers a network name, such as Administration. If you want to group some computers, this can be done here, even if they do not have consecutive IP addresses. You can also include a subgroup when defining a new network group.
These names are used when you configure Rules, Filtering, Registrar and Users and other settings.
The rows are sorted in alphabetical order, except that all upper case letters are sorted before lower case letters (B comes before a).
When using an already defined group as a subgroup, select the name of the group under Subgroup. Set Interface to '-' and leave the other fields empty.
Name
Enter a name for the group of computers. You can use this name when you change configuration on the pages mentioned above. A group can consist of several rows of IP addresses or series of IP addresses. By clicking on the plus sign beside the name, you add more rows where you can specify more IP addresses for this group.
Subgroup
An already defined group can be used as a subgroup to new groups. Select the old group here and leave the fields for DNS name empty. Select '-' as Interface. If you don't want to use a subgroup, select '-' here.
Lower limit
DNS name or IP address
Enter the DNS name or IP address of the network or computer. For computers in a series that you want to give a network name, enter the first IP address in the series. DNS name or IP address must not be empty if you are not using a subgroup.
IP address
The IP address of the object you entered in the DNS name or IP address field is displayed here. This field is not updated until you click on Look up all IP addresses again or make changes in the DNS name or IP address field.
Upper limit
DNS name or IP address
Here, enter the last DNS name/IP address of the network or group. For computers in a series that you want to give a network name, enter the last IP address in the series. The IP address in Upper limit must be at least as high as the one in Lower limit. If this field is left empty, only the IP address in Lower limit is used. If you use a subgroup, leave this field empty.
IP address
The IP address of the object you entered in the DNS name or IP address field is displayed here. This field is not updated until you click on Look up all IP addresses again or make changes in the DNS name or IP address field.
Interface
If the interface '-' is chosen, the group will consist of all IP addresses in the interval between Lower limit and Upper limit, regardless of what interface they are connected to. By selecting an Interface, you constrain the group to consist only of the IP addresses in the interval that really are connected to the selected interface.
For example, if 10.20.0.0 - 10.20.0.255 are IP addresses behind the interface DMZ-1 and the lower and upper limits are 10.10.10.20 and 255.255.255.255 respectively, choosing DMZ-1 as Interface will cause the group to consist of the IP addresses 10.20.0.0 - 10.20.0.255, being the IP addresses in the interval actually connected to the selected interface.
If you have selected a subgroup, the Interface should be '-'. If you want to define a network group at the remote side of a VPN connection, the Interface should be '-'.
Delete row
If you select this box, the row is deleted when you click on Add new rows, Save, or Look up all IP addresses again.
Add new rows
Enter the number of new groups and rows you want to add to the table, and then click on Add new rows.
Save
Saves the Networks and Computers configuration to the preliminary configuration.
Undo
Clears and resets all fields in new rows and reset changes in old rows.