notempty
notempty
notempty Dieser Artikel bezieht sich auf eine nicht mehr aktuelle Version!
notempty
Der Artikel für die neueste Version steht hier
Zu diesem Artikel gibt es bereits eine neuere Version, die sich allerdings auf eine Reseller-Preview bezieht
Creating and configuring an Ethernet interface
Last adaptation to the version: v12.5.1
New:
- Ping-Check Host wird zu Ping-Check IP
notempty
This article refers to a Resellerpreview
Creating an Ethernet interface
The creation of an Ethernet interface is done in the menu Tab Network interfaces Button . A wizard opens:
| Caption | Value | Description |  |
|---|---|---|---|
| Name: | Name of the interface. If ther is an existing unused interface by default the next free LANx name is used. The name can also be entered manually. | ||
| IP Address | 192.168.176.1/24 | If the interface is to have a fixed IP, this is entered here. | |
| DHCP-Client: | Here the setting is made whether - and if so, for which IP protocol - the interface should obtain its IP addresses from a DHCP server. | ||
| Zones | Previously created zones can be selected by clicking in the click box. |  | |
| Add new zone: | Yes dmz0 |
Creates a new zone with a freely selectable name (here: dmz0) | |
| Auto-generate rules: | Yes | Creates autogenerated rules to allow network traffic to all previously present networks. notempty These rules serve exclusively to facilitate the commissioning of the interface.
They cannot be edited and must absolutely be replaced by individualized rules and subsequently deactivated or deleted!
| |
Finish the wizard with the button.
Edit an Ethernet interface
The configuration of an Ethernet interface is done in the menu Tab Network interfaces Button
-
GeneralGeneral | |||
| Caption | Value | Description |  |
|---|---|---|---|
| Name: | LAN1 | The name of the interface cannot be changed afterwards. | |
| DHCP-Client: | Here the setting is made whether - and if so, for which IP protocol - the interface should obtain its IP addresses from a DHCP server. | ||
| Router Advertisement: | off | If the UTM has received an IPv6 prefix, it can advertise the subnet via router advertisement in the network segment behind the interface. (See article IPv6 Prefix Delegation ). | |
| IPv6 Prefix Delegation: | off | Enables IPv6 prefex delegation to get IPv6 prefixes allocated on this interface. | |
SettingsSettings | |||
| MTU: | 1500 |
The Maximum Transmission Unit specifies the maximum packet size that can be transmitted without fragmentation. Depending on the type of network (cable, Ethernet, VPN use), other values can help with connection problems here. |
 |
| Autonegotiation: | On | Allows Ethernet network ports to independently negotiate and configure the maximum possible transmission speed and duplexing with each other. | |
| Speed | MBit/s MBit/s MBit/s |
Speed of network communication Only with decativated autonegotiation | |
| Duplex: | Duplex allows data packets to be sent and received simultaneously. HUBs usually only support Halfduplex. Only with decativated autonegotiation. If autonegotiation mode is enabled at one end of the link and full-duplex operation is forced at the other end, the autonegotiating subscriber will recognize the link as half-duplex, resulting in a large number of transmission errors. →Wikipedia | ||
| Route Hint IPv4: | Via the field "Route Hint" it is possible to define the gateway of the interface. This has the advantage, for example, that only the interface (e.g. LAN3) has to be specified in routing and not directly the gateway IP. | ||
| Route Hint IPv6: | Via the field "Route Hint" it is possible to define the gateway of the interface. This has the advantage, for example, that only the interface (e.g. LAN3) has to be specified in routing and not directly the gateway IP. | ||
IP AddressesIP Addresses | |||
| IP Addresses | » ✕192.168.121.1/24» ✕fc80:1234::1/64 | Under the menu item IP addresses one or more addresses can be assigned to an interface. |  |
ZonesZones | |||
| Zones | » ✕internal» ✕firewall-internal» ✕internal_v6» ✕fireall-internal_v6 | Under the menu item Zones the zones of the interface are defined. If the zone internal is not assigned to an interface and the administration via the web interface is not explicitly enabled, the web interface can not be accessed anymore! |
 |
DynDNSDynDNS | |||
| Enabled: | Yes | Enables or disables (default) the DynDNS function |  |
| Hostname: | hostname.spdns.de | Desired Hostname | |
| User: | hostname.spdns.de | The corresponding user name must be entered here. | |
| Password: | The password must be entered here. | ||
| Server: | update.spdyn.de | The securepoint update server | |
| MX: | |||
| Webresolver: | On | Must be activated if the NAT router is located before the DNS | |
| Protocol: | The DNS service can be activated for IPv4 or IPv6 addresses only, or both IPv4 and IPv6. | ||
FallbackFallback | |||
| Fallback interface: | wan3 | Interface that stands in for the main interface in the case of a malfunction. The absence of malfunctions is verified by ping-checking an IP. Further notes on the configuration of a fallback can be found in a separate Wiki article. |
 |
| notempty New as of v12.5.1 Ping-check IP: |
195.243.137.26 | Host to which the ping check is to be performed. This can also be a host in the internal network if necessary. (Here the DNS servers of DENIC in Hamburg and Munich). notempty An IP address must be entered, not an FQDN!
| |
| Ping-check Intervall: | 5 Seconds |
Period between ping attempts | |
| Ping-check Threshold: | 4 Attempts |
Number of failed ping attempts before switching to the fallback interface. | |