D-Link DFL-860E User Manual for DFL-260E - Page 238
Enabling Internet Access
View all D-Link DFL-860E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 238 highlights
4.7.2. Enabling Internet Access Chapter 4. Routing • Define a static ARP table entry which maps the MAC address FF-FF-FF-FF-FF-FF to the IPv4 address 255.255.255.255. • Configure DHCP relay to the DHCP server IP address 255.255.255.255. 4.7.2. Enabling Internet Access A common misunderstanding when setting up Transparent Mode is how to correctly set up access to the public Internet. Below is a typical scenario where a number of users on an IP network called lannet access the Internet via an ISP's gateway with IP address gw-ip. Figure 4.18. Non-transparent Mode Internet Access The non-switch route usually needed to allow Internet access would be: Route type Non-switch Interface if1 Destination all-nets Gateway gw-ip Now lets suppose the NetDefend Firewall is to operate in transparent mode between the users and the ISP. The illustration below shows how, using switch routes, the NetDefend Firewall is set up to be transparent between the internal physical Ethernet network (pn2) and the Ethernet network to the ISP's gateway (pn1). The two Ethernet networks are treated as a single logical IP network in Transparent Mode with a common address range (in this example 192.168.10.0/24). Figure 4.19. Transparent Mode Internet Access In this situation, any "normal" non-switch all-nets routes in the routing table should be removed and replaced with an all-nets switch route (not doing this is a common mistake during setup). This switch route will allow traffic from the local users on Ethernet network pn2 to find the ISP gateway. These same users should also configure the Internet gateway on their local computers to be the ISPs 238