Netgear UTM9S – ProSECURE Unified Threat Management (UTM) Appliance with DSL and Wireless modules Manual De Referência
Firewall Protection
166
ProSecure Unified Threat Management (UTM) Appliance
To remove one or more entries from the table:
1.
Select the check box to the left of each MAC address that you want to delete, or click
the Select All table button to select all entries.
the Select All table button to select all entries.
2.
Click the Delete table button.
Set Up IP/MAC Bindings
IP/MAC binding allows you to bind an IP address to a MAC address and the other way
around. Some PCs or devices are configured with static addresses. To prevent users from
changing their static IP addresses, the IP/MAC binding feature needs to be enabled on the
UTM. If the UTM detects packets with an IP address that matches the IP address in the
IP/MAC Bindings table but does not match the related MAC address in the IP/MAC Bindings
table (or the other way around), the packets are dropped. If you have enabled the logging
option for the IP/MAC binding feature, these packets are logged before they are dropped.
The UTM displays the total number of dropped packets that violate either the IP-to-MAC
binding or the MAC-to-IP binding.
around. Some PCs or devices are configured with static addresses. To prevent users from
changing their static IP addresses, the IP/MAC binding feature needs to be enabled on the
UTM. If the UTM detects packets with an IP address that matches the IP address in the
IP/MAC Bindings table but does not match the related MAC address in the IP/MAC Bindings
table (or the other way around), the packets are dropped. If you have enabled the logging
option for the IP/MAC binding feature, these packets are logged before they are dropped.
The UTM displays the total number of dropped packets that violate either the IP-to-MAC
binding or the MAC-to-IP binding.
Note:
You can bind IP addresses to MAC addresses for DHCP assignment
on the LAN Groups submenu. See
As an example, assume that three computers on the LAN are set up as follows, and that their
IP and MAC addresses are added to the IP/MAC Bindings table:
IP and MAC addresses are added to the IP/MAC Bindings table:
•
Host 1. MAC address (00:01:02:03:04:05) and IP address (192.168.10.10)
•
Host 2. MAC address (00:01:02:03:04:06) and IP address (192.168.10.11)
•
Host 3. MAC address (00:01:02:03:04:07) and IP address (192.168.10.12)
There are three possible scenarios in relation to the addresses in the IP/MAC Bindings table:
•
Host 1 has not changed its IP and MAC addresses. A packet coming from Host 1 has IP
and MAC addresses that match those in the IP/MAC Bindings table.
•
Host 2 has changed its MAC address to 00:01:02:03:04:09. The packet has an IP
address that matches the IP address in the IP/MAC Bindings table but a MAC address
that does not match the MAC address in the IP/MAC Bindings table.
that does not match the MAC address in the IP/MAC Bindings table.
•
Host 3 has changed its IP address to 192.168.10.15. The packet has a MAC address that
matches the MAC address in the IP/MAC Bindings table but an IP address that does not
match the IP address in the IP/MAC Bindings table.
match the IP address in the IP/MAC Bindings table.
In this example, the UTM blocks the traffic coming from Host 2 and Host 3, but allows the
traffic coming from Host 1 to any external network. The total count of dropped packets is
displayed.
traffic coming from Host 1 to any external network. The total count of dropped packets is
displayed.