Ethernet


An Ethernet interface represents a physical Ethernet adapter used in the firewall.

When installing an Amaranten Firewall, all supported Ethernet adapters in the firewall will be enumerated and configured during the Local console setup process. Each physical Ethernet adapter will become an Ethernet interface in the firewall configuration. Each interface will be given a name of the form ifN, where N represents the number of the interface. The Amaranten Firewall Appliance M560, for instance, has six Ethernet interfaces, named if1 to if6.

Note: When using a software-based version of Amaranten Firewall, the number of Ethernet interfaces that can be used might be limited. The limitation is regulated by the Amaranten Firewall license.

Ethernet interface configuration

Ethernet interfaces are defined in the Ethernet configuration section located in the Interfaces folder.

General parameters

Name - Specifies the name of the Ethernet interface. Auto-generated interfaces are always given the name ifN, where N represents the number of the interface.

IP Address - The IP address of the interface. This is the address that can be used to ping the firewall, to control it remotely, and as the source address for dynamically translated connections. To simulate the effect of an interface having more than one IP address, you can publish IP addresses on the interface using ARP.

Broadcast - The broadcast address of the connected network. This is the highest address available on the network. In the case of a 32-address network, the broadcast address is the network address +31, e.g. if the network has an address of 192.168.123.64 255.255.255.224, its broadcast address is 192.168.123.95. The broadcast address is the address to which information that is to reach all computers connected to the network is sent.

Device Driver Settings - Shows a brief summary of the network adapter's hardware configuration. Click Configure to bring up a dialog box detailing the hardware settings. Please see the Device Driver Settings item.

DHCP Client

Amaranten Firewall includes a DHCP client for dynamic assignment of address information. The information that can be set using DHCP includes the IP and broadcast address of the interface, the local network that the interface is attached to, and the default gateway.

All addresses received from the DHCP server are assigned to corresponding Hosts & Networks configuration items. In this way, dynamically assigned addresses can be used throughout the firewall configuration in the same way as static addresses.

Enable DHCP Client - Specifies that DHCP should be enabled on this interface.

Automatically Assign Names - If this option is selected, the DHCP client will use pre-defined Hosts & Networks names for DHCP assigned addresses:

  • The interface IP address received from the DHCP server will be assigned to ip_if1, where if1 is the name of the interface.

  • The interface broadcast address received from the DHCP server will be assigned to br_if1, where if1 is the name of the interface.

  • The network address received from the DHCP server will be assigned to if1net, where if1 is the name of the interface.

If this option is not selected, user-defined names can be specified under the DHCP Advanced tab.

Assign Default Gateway - If this option is selected, the DHCP client will assign the received default gateway address to the host gw-world. If not selected, a user-defined name can be specified under the DHCP Advanced tab.

DHCP Advanced

The third page of the Ethernet properties dialog box contains advanced DHCP settings.

Names of Assigned Addresses - If the Automatically Assign Names check box is not set, the parameters received for Interface IP, Broadcast IP and Network need to be assigned to symbolic names. The same is true for Default Gateway if Assign Default Gateway is not set.

Preferred IP Address - This is an option that can be sent to the DHCP server requesting a certain IP. It is up to the DHCP server implementation to grant or ignore this request. This is normally left blank since most DHCP servers just ignore it.

Preferred Lease Time - This option can be used to request a certain lease time for the received leases. This is normally left blank since most DHCP servers will only offer the lease time that they have been configured to offer.

Allow static route assignments - This will allow and assign static routes from the DHCP server. This is rarely ever used and is disabled by default.

Don't allow IP collisions with static routes - When this option is set, the firewall will verify that the offered IP address for the interface does not conflict with routing information that the firewall already knows about, not counting the default route and its own local routes.

Don't allow network collisions with static routes - When this option is set, the firewall will verify that an offered route doesn't collide with other interfaces' routes, not counting the default route.

Lease Filter - Specifies which address ranges are accepted as valid leases from the DHCP server.

Server Filter - Specifies an IP address or range of IP addresses that are allowed to give DHCP leases.

Note: When collision detection is enabled, the firewall verifies that a lease acquired from the DHCP server doesn't conflict with previous interfaces. If a collision is detected, the DHCP client will reject the network parameters and prevent the firewall from routing internal packets to the outside and vice versa.
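
The filter and collision checks described in this section, modelled as an added Python example; this is not Amaranten code, and it shows only how the options combine when an offer is evaluated. Assumptions: the Offer structure, the check_offer function, filters written as CIDR ranges, address overlap as the collision test, and the 203.0.113.x sample addresses are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Offer:
    """Constructed model of a DHCP offer; not a product data structure."""
    server: str   # address of the DHCP server that sent the offer
    ip: str       # offered interface address
    netmask: str  # offered netmask

def check_offer(offer, lease_filter, server_filter, other_routes,
                no_ip_collisions=True, no_net_collisions=True):
    """Return the reasons to reject an offer; an empty list means accept.

    other_routes holds routes of the other interfaces (own local routes are
    left out by the caller); the default route is skipped here.
    """
    reasons = []
    server = ipaddress.ip_address(offer.server)
    ip = ipaddress.ip_address(offer.ip)
    net = ipaddress.ip_network(f"{offer.ip}/{offer.netmask}", strict=False)

    # Server Filter: only listed servers may hand out leases.
    if not any(server in ipaddress.ip_network(r) for r in server_filter):
        reasons.append("server-filter")
    # Lease Filter: the offered address must fall in an accepted range.
    if not any(ip in ipaddress.ip_network(r) for r in lease_filter):
        reasons.append("lease-filter")

    for route in other_routes:
        rnet = ipaddress.ip_network(route)
        if rnet.prefixlen == 0:
            continue  # default route is not counted
        if no_ip_collisions and ip in rnet:
            reasons.append(f"ip-collision:{route}")
        if no_net_collisions and net.overlaps(rnet):
            reasons.append(f"net-collision:{route}")
    return reasons

# Constructed sample data: 192.168.123.64/27 is the example network from this
# page, used as an internal route; 203.0.113.0/24 is a documentation range.
LEASES = ["203.0.113.0/24"]
SERVERS = ["203.0.113.1/32"]
ROUTES = ["0.0.0.0/0", "192.168.123.64/27"]

if __name__ == "__main__":
    good = Offer("203.0.113.1", "203.0.113.20", "255.255.255.0")
    rogue = Offer("203.0.113.66", "192.168.123.70", "255.255.255.224")
    print(check_offer(good, LEASES, SERVERS, ROUTES))
    print(check_offer(rogue, LEASES, SERVERS, ROUTES))
```

An offer from an unlisted server that hands out an address inside an internal network fails all four checks, which is the case the Note above describes: the parameters are rejected rather than installed.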

Device Driver Settings

The Device Driver Settings dialog box, shown to the right, is used to configure Ethernet adapter parameters.

Driver - Specifies the device driver that should be used for this interface. Select the driver that corresponds to the Ethernet adapter installed in the firewall. For more information about which Ethernet adapters are supported, please see the Hardware Compatibility List online.

Bus - Specifies the number of the PCI bus where the Ethernet adapter is installed.

Slot - Specifies the PCI slot number used by the Ethernet adapter.

Port - Some Ethernet adapters have multiple ports that share the same bus and slot number. This parameter specifies which port is to be used.

Media - Specifies if the link speed should be auto-negotiated or locked to a static speed.

Duplex - Specifies if duplex should be auto-negotiated or locked to full or half duplex.