Manualshelf

Specifications

ManualsBrandsWaters Network Systems ManualsComputer equipmentProSwitch-Quad Series
81828384858687888990
LAN Configuration
87
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
VLAN DHCP Options
For each VLAN, you need to specify the Dynamic Host Configuration Protocol (DHCP)
options (see Configure a VLAN Profile on page 88). The configuration of the DHCP options
for the VPN firewall’s default VLAN, or VLAN 1, is described in Configure the IPv4 Internet
Connection and WAN Settings on page 29.
This section provides further information about
the DHCP options.
DHCP Server
The default VLAN (VLAN 1) has the DHCP server option enabled by default, allowing the
VPN firewall to assign IP, DNS server, WINS server, and default gateway addresses to all
computers connected to the VPN firewall’s LAN. The assigned default gateway address is
the LAN address of the VPN firewall. IP addresses are assigned to the attached computers
from a pool of addresses that you need to specify. Each pool address is tested before it is
assigned to avoid duplicate addresses on the LAN. When you create a VLAN, the DHCP
server option is disabled by default.
For most applications, the default DHCP server and TCP/IP settings of the VPN firewall are
satisfactory
.
The VPN firewall delivers the following settings to any LAN device that requests DHCP:
An IP address from the range that you have defined
Subnet mask
Gateway IP address (the VPN firewall’
s LAN IP address)
Primary DNS server (the VPN firewall’s LAN IP address)
WINS server (if you entered a WINS server address in the DHCP Setup screen)
Lease time (the date obtained and the duration of the lease)
DHCP Relay
DHCP relay options allow you to make the VPN firewall a DHCP relay agent for a VLAN. The
DHCP relay agent makes it possible for DHCP broadcast messages to be sent over routers
that do not support forwarding of these types of messages. The DHCP relay agent is
therefore the routing protocol that enables DHCP clients to obtain IP addresses from a DHCP
server on a remote subnet. If you do not configure a DHCP relay agent for a VLAN, its clients
can obtain IP addresses only from a DHCP server that is on the same subnet. To enable
clients to obtain IP addresses from a DHCP server on a remote subnet, you need to
configure the DHCP relay agent on the subnet that contains the remote clients, so that the
DHCP relay agent can relay DHCP broadcast messages to your DHCP server.
DNS Proxy
When the DNS proxy option is enabled for a VLAN, the VPN firewall acts as a proxy for all
DNS requests and communicates with the ISP’s DNS servers (as configured on the WAN
IPv4 ISP Settings screens). All DHCP clients receive the primary and secondary DNS IP
addresses along with the IP address where the DNS proxy is located (that is, the VPN