Jump to:navigation, search
Wiki

Die Seite Vorlage:Ui-icon.css hat keinen Inhalt.



























De.png
Fr.png


Creating and configuring an Ethernet interface

Last adaptation to the version: 12.2 (10.2021)

New:

  • Changes in the Layout dialog
  • Translation


Previous versions: 11.7


Creating an Ethernet interface

The creation of an Ethernet interface is done in the menu → Network →Network configurationTab Network interfaces Button Ethernet . A wizard opens:

caption: value: Description: UTM v12.1 Netzwerk Ethernet-Schnittstelle Schritt1-en.png
Name: LAN4 Name of the interface.
By default the next free ethx name is used.
But a name can also be entered manually.
IP Address 192.168.176.1/24 If the interface is to have a fixed IP, this is entered here.
DHCP client: off
IPv4
IPv6
IPv4 & IPv6
Here the setting is made whether - and if so, for which IP protocol - the interface should obtain its IP addresses from a DHCP server.
Zones:     Previously created zones can be selected by clicking in the click box. UTM v12.1 Netzwerk Ethernet-Schnittstelle Schritt2-en.png
Add new zone: Yes
dmz0
Creates a new zone with a freely selectable name (here: dmz0)
Auto-generate rules: Yes Creates autogenerated rules to allow network traffic to all previously present networks.
These rules serve exclusively to facilitate the commissioning of the interface.

They cannot be edited and must absolutely be replaced by individualized rules and subsequently deactivated or deleted!

Finish the wizard with the Finish button.


Edit an Ethernet interface

The configuration of an Ethernet interface is done in the menu → Network →Network configurationTab Network interfaces Button

General

General
caption: value: Description: UTM v12.1 Ethernet Schnittstelle bearbeiten-allgemein-en.png
Name: LAN1 The name of the interface cannot be changed afterwards.
DHCP client: off
IPv4
IPv6
IPv4 & IPv6
Here the setting is made whether - and if so, for which IP protocol - the interface should obtain its IP addresses from a DHCP server.
Router Advertisement: off If the UTM has received an IPv6 prefix, it can advertise the subnet via router advertisement in the network segment behind the interface. (See article IPv6 Prefix Delegation).
IPv6 Prefix Delegation: off Enable IPv6 prefex delegation to get IPv6 prefixes allocated on this interface.

Settings

Settings
MTU: 1500Link= The Maximum Transmission Unit specifies the maximum packet size that can be transmitted without fragmentation.Depending on the type of network (cable, Ethernet, VPN use), other values can help with connection problems here. UTM v12.1 Ethernet Schnittstelle bearbeiten-Einstellungen-en.png
Autonegotiation: On Allows Ethernet network ports to independently negotiate and configure the maximum possible transmission speed and duplexing with each other.
Speed 10 MBit/s
100 MBit/s
1000 MBit/s
Speed of network communication
Only with decativated autonegotiation
Duplex full
half
Duplex allows data packets to be sent and received simultaneously. HUBs usually only support half duplex.
Only with decativated autonegotiation. If autonegotiation mode is enabled at one end of the link and full-duplex operation is forced at the other end, the autonegotiating subscriber will recognize the link as half-duplex, resulting in a large number of transmission errors. →Wikipedia
Route Hint IPv4: 192.0.2.192/---  Via the field "Route Hint" it is possible to define the gateway of the interface. This has the advantage, for example, that only the interface (e.g. LAN3) has to be specified in routing and not directly the gateway IP.
Route Hint IPv6: 2001:DB8::123/---  Via the field "Route Hint" it is possible to define the gateway of the interface. This has the advantage, for example, that only the interface (e.g. LAN3) has to be specified in routing and not directly the gateway IP.

IP Addresses:

IP Addresses:
IP Addresses: »192.168.121.1/24»fc80:1234::1/64 Under the menu item IP addresses one or more addresses can be assigned to an interface. UTM v12.1 Ethernet Schnittstelle bearbeiten-IP-Adressen-en.png

Zones:

Zones:
Zones: »internal»firewall-internal»internal_v6»fireall-internal_v6 Under the menu item Zones the zones of the interface are defined.
  • Important: The zone internal should always be assigned to an interface.
    If the zone internal is not assigned to an interface and the administration via the web interface is not explicitly enabled, the web interface can not be accessed anymore!
  • UTM v12.1 Ethernet Schnittstelle bearbeiten-Zonen-en.png

    DynDNS

    DynDNS
    Under the DynDNS menu item, a domain name can be assigned to the interface, which e.g. only has a dynamic IP, via which the interface can be reached.
    Securepoint offers the service SPDyn free of charge.
    Further information about the configuration can be found in a separate Wiki Artikel
    UTM v12.1 Ethernet Schnittstelle bearbeiten-dyndns-en.png

    Fallback

    Fallback
    Fallback interface:     Interface that stands in for the main interface in the case of a malfunction.
    The absence of malfunctions is verified by ping-checking a host.
    Further notes on the configuration of a fallback can be found in a separate Wiki article.
    UTM v12.2 Netzwerkschnittstellen Fallback wan-en.png
    Ping-check Host: 195.243.137.26 Host to which the ping check is to be performed.
    This can also be a host in the internal network if necessary.
    (Here the DNS servers of DENIC in Hamburg and Munich).
    Ping-check Intervall: 5Link= seconds Period between ping attempts
    Ping-check Threshold: 4Link= attempts Number of failed ping attempts before switching to the fallback interface.