1. Software
  2. Novell
  3. Security Manager Powered by Astaro

Standard Ethernet Interface. Novell Security Manager Powered by Astaro

Add to My manuals
292 Pages

advertisement

Standard Ethernet Interface. Novell Security Manager Powered by Astaro | Manualzz

Using Novell Security Manager

4.3.2.1. Standard Ethernet Interface

To configure a network card for a standard Ethernet connection to an internal or external network, you must configure the card with an IP address and netmask.

All network cards installed on Security Manager are shown in the

Hardware List.

Configuring a Standard Ethernet Connection:

1. In the Network tab, open the Interfaces menu.

2. Click on the New button.

The Add Interface window will open.

3. In the Name entry field, enter a descriptive name for the interface.

(example: Externally for an Internet connection)

4. Use the Hardware drop-down menu to select a network card.

Tip:

For an external connection (e.g., to the Internet) choose the card with

Sys ID eth1.

5. Use the drop-down menu Type to select Standard Ethernet

Interface.

Please note that one network card cannot be used as both a Standard

ethernet interface and a PPP over Ethernet (PPPoE-DSL) or

PPPTP over Ethernet (PPPoA-DSL) connection simultaneously.

6. Now make the specific settings for this interface type:

Address: If you wish to use a static IP address for this interface, select Static from the drop-down menu and enter the address to use in the entry field. If you wish to have a gateway dynamically assigned via DHCP, select Assign by DHCP from the drop-down menu.

Important Note:

If you wish to configure the Uplink Failover on Interface function, observe the description of this function while entering the network!

Netmask: If you wish to use a statically defined network mask for this interface, use the drop-down menu to select Static and enter the

97

Using Novell Security Manager netmask to use in the entry field. If you wish to have a netmask dynamically assigned via DHCP, select Assign by DHCP from the drop-down menu.

Default Gateway: If you wish to use a statically defined default gateway, use the drop-down menu to select Static and enter the address of the gateway in the entry field. If you wish to have a gateway dynamically assigned via DHCP, select Assign by DHCP from the drop-down menu. Otherwise, select None.

Proxy ARP: When this function is enabled, Novell Security Manager will answer ARP requests on the selected interface for all known networks. This system will thus act as a proxy on this interface for all of the other directly-connected networks.

This function is only required in special cases, for example when an attached network cannot be configured with normal routing entries

(e.g., when the network includes a router over which you have no control).

By default, the Proxy ARP function is disabled (Off). To enable it, select On from the drop-down menu.

Uplink Failover on Interface: This function will only displayed, if the parameter Assign by DHCP or Static has been selected in the

Default Gateway drop-down menu.

If a network card is an interface to the Internet (e.g., 2 Megabit fixed connection) you can configure a standby connection by a second

Internet access (e.g., DSL connection) and an additional network card.

If the primary connection fails, the uplink will automatically be set up through the backup Internet access. In order to monitor the connection, the Primary Interface sends four ping requests to the Uplink

Failover check IP every five seconds. Only if all four ping requests are not replied to, the Backup Interface is loaded.

When the Internet connection is established via the Backup Interface the ping requests are still sent by the Primary Interface. As soon as the Security Manager receives the corresponding reply packages to the ping requests again, the Internet connection is again established by the Primary Interface.

Important Note:

When the Uplink Failover on Interface function is used, two different networks must be defined on the Primary and Backup Inter-

face. Therefore you need two separate Internet accesses next to the additional network card.

Uplink Failover on Interface is by default disabled (Off). If you wish to use this network card as primary Internet connection, then configure it in the Primary Interface drop-down menu. If this net-

98

Using Novell Security Manager work card shall contain the standby connection, select the setting

Backup Interface.

Uplink Failover check IP: This entry field will be displayed if the

Primary Interface setting has been selected for the Uplink Failover

on Interface function. Enter the IP address of a host here, which replies to the ICMP Ping requests and which, in addition to that, is always reachable! Novell Security Manager will send ping requests to this host: if no answer is received, the backup interface will be enabled by the failover. In this entry field, there must always be an IP address for the failover!

Monitor Interface Usage: This function monitors the bandwidth on the interface. Once, the bandwidth falls short of or exceeds a specific value, a notification e-mail will be sent to the administrator.

The maximum available bandwidth must be entered for the Monitor

Interface Usage function into the Uplink Bandwidth (kbits) and

Downlink Bandwidth (kbits) entry fields. The notification e-mail to the administrator will be sent, as soon as the actually available bandwidth falls off or exceeds a predefined limit value. The limit values are configured with the Notify drop-down menus.

The settings will only be displayed once the Monitor Interface Usage function is enabled (On).

QoS Status: In order to use Quality of Service (QoS) bandwidth management on an interface, enable this option. To enable the

Quality of Service (QoS) function, select On from the drop-down menu.

Important Note:

For the bandwidth management Quality of Service (QoS) you must define the values for Uplink Bandwidth (kbits) and Downlink

Bandwidth (kbits). These values are used as basis for the bandwidth management system: incorrect values can lead to poor management of the data flow. The Quality of Service (QoS) function is described in chapter 4.5.1.

Uplink Bandwidth (kbits): This setting will only appear, if the QoS or Monitor Interface Usage function is enabled. In this entry menu, enter the available bandwidth for the Uplink in full kilobits. This value can be determined either from the values of the upstream interface or from the router. On an interface to the Internet, this value corresponds to the bandwidth of the Internet connection - on an ADSL access the Uplink bandwidth amounts to 128 kBit/s and on a 2-

Megabit fixed connection to 2048 kBit/s.

Downlink Bandwidth (kbits): This setting will only appear, if the

QoS or Monitor Interface Usage function is enabled. In this entry menu, enter the available bandwidth for the Downlink in full kilobits.

99

Using Novell Security Manager

On an interface to the Internet, this value corresponds to the bandwidth of the Internet connection - on an ADSL access the Downlink bandwidth amounts to 768 kBit/s and on a 2-Megabit fixed connection to 2048 kBit/s.

Notify when uplink usage below (%): This setting will only be displayed, when the Monitor Interface Usage function is enabled.

Use the drop-down menu to configure the lower threshold for the uplink.

Notify when uplink usage exceeds (%): This setting will only be displayed, when the Monitor Interface Usage function is enabled.

Use the drop-down menu to configure the upper threshold for the uplink.

Notify when downlink usage below (%): This setting will only be displayed, when the Monitor Interface Usage function is enabled.

Use the drop-down menu to configure the lower threshold for the downlink.

Notify when downlink usage exceeds (%): This setting will only be displayed, when the Monitor Interface Usage function is enabled. Use the drop-down menu to configure the upper value for the downlink.

MTU Size: The MTU is the size (in bytes) of the largest transmittable packet. MTU stands for Maximum Transfer Unit. For connections, using the TCP/IP protocol, the data will be grouped into packets. A maximum size will be defined for these packets. Packets larger than this value will be considered too long for the connection and fragmented into smaller ones before transmission. These data packets will be sent again. However, the performance can be limited, if the upper value is too low.

The largest possible MTU for an Ethernet interface is 1500 Bytes.

The following value is the default for the Standard Ethernet

Interface: 1500 Byte.

7. Confirm these settings by clicking Add.

The system will now check the address and network mask for semantic validity. After a successful check, the new interface will appear in the Current Interface Status table. The interface is not yet enabled (status light is red).

8. Enable the interface by clicking the status light.

The interface is now enabled (status light shows green). The Oper column will at first show that the interface is Down: the system requires a short time to configure and load the settings.

100

advertisement

Related manuals

Novell Security Manager Powered by Astaro User guide

Novell

Security Manager Powered by Astaro

  • User Guide
Cycos mrs 5.0 Administrator's Manual

Cycos

mrs 5.0

  • User manual
Astaro ASG 625 Network Security, 1Y Sub RNW Data Sheet

Astaro

ASGN01201NS

  • Data Sheet
Panda WebAdmin Antivirus Datasheet

Panda

WebAdmin Antivirus

  • Data Sheet
Astaro Security Gateway 320 Datasheet

Astaro

STU3200AP

  • Data Sheet
Download PDF

advertisement

Table of contents