Netgear FVS318Gv2 – ProSAFE VPN Firewall Series Manual De Referencia
LAN Configuration
72
NETGEAR ProSAFE VPN Firewall FVS318G v2
up the network database. For more information, see
The network database is updated by these methods:
•
DHCP client requests. When the DHCP server is enabled, it accepts and responds to
DHCP client requests from computers and other network devices. These requests also
generate an entry in the network database. This is an advantage of enabling the DHCP
server feature.
DHCP client requests from computers and other network devices. These requests also
generate an entry in the network database. This is an advantage of enabling the DHCP
server feature.
•
Scanning the network. The local network is scanned using Address Resolution Protocol
(ARP) requests. The ARP scan detects active devices that are not DHCP clients.
(ARP) requests. The ARP scan detects active devices that are not DHCP clients.
In large networks, scanning the network might generate unwanted traffic. When the VPN
firewall receives a reply to an ARP request, it might not be able to determine the device
name if the software firewall of the device blocks the name.
firewall receives a reply to an ARP request, it might not be able to determine the device
name if the software firewall of the device blocks the name.
•
Manual entry. You can manually enter information about a network device.
These are some advantages of the network database:
•
Generally, you do not need to enter an IP address or a MAC address. Instead, you can
select the name of the desired computer or device.
select the name of the desired computer or device.
•
You do not need to reserve an IP address for a computer in the DHCP server. All IP
address assignments made by the DHCP server are maintained until the computer or
device is removed from the network database, either by expiration (inactive for a long
time) or by you.
address assignments made by the DHCP server are maintained until the computer or
device is removed from the network database, either by expiration (inactive for a long
time) or by you.
•
You do not need to use a fixed IP address on a computer. Because the IP address
allocated by the DHCP server never changes, you do not need to assign a fixed IP
address to a computer to ensure that it always uses the same IP address.
allocated by the DHCP server never changes, you do not need to assign a fixed IP
address to a computer to ensure that it always uses the same IP address.
•
A computer is identified by its MAC address—not its IP address. The network database
uses the MAC address to identify each computer or device. Therefore, changing a
computer’s IP address does not affect any restrictions applied to that computer.
uses the MAC address to identify each computer or device. Therefore, changing a
computer’s IP address does not affect any restrictions applied to that computer.
•
Control over computers can be assigned to groups and individuals:
-
You can assign computers to groups (see
on this
page) and apply restrictions (outbound rules and inbound rules) to each group (see
-
You can select groups that are allowed access to URLs that you blocked for other
groups, or the other way around, block access to URLs that you allowed access to for
groups (see
groups, or the other way around, block access to URLs that you allowed access to for
groups (see
-
If necessary, you can also create firewall rules to apply to a single computer (see
on page 196). Because the MAC address is used to
identify each computer, users cannot avoid these restrictions by changing their IP
address.
address.
This section contains the following topics:
•
•