2.
Select the following from the dropdown lists:
•
Mode: Static
•
Interface: lan
3.
Enter the following:
•
IP Address: 192.168.10.15
•
MAC: 4b-86-f6-c5-a2-14
4.
Click OK
Published ARP Objects
NetDefendOS supports publishing IP addresses on a particular interface, optionally along with a
specific MAC address instead of the interfaces MAC address. NetDefendOS will then send out these
as ARP replies for any ARP requests received on the interface related to the published IP addresses.
This can done for a number of reasons:
•
To give the impression that an interface in NetDefendOS has more than one IP address.
This is useful if there are several separate IP spans on a single LAN. The hosts on each IP span
may then use a gateway in their own span when these gateway addresses are published on the
corresponding NetDefendOS interface.
•
Another use is publishing multiple addresses on an external interface, enabling NetDefendOS to
statically address translate traffic to these addresses and send it onwards to internal servers with
private IP addresses.
•
A less common purpose is to aid nearby network equipment responding to ARP in an incorrect
manner.
Publishing Modes
There are two publishing modes available when publishing a MAC/IP address pair:
•
Publish
•
XPublish
In both cases, an IP address and an associated MAC address are specified. If the MAC address is not
specified (is all zeroes) then the MAC address of the sending physical interface is used.
To understand the difference between Publish and XPublish it is necessary to understand that when
NetDefendOS responds to an ARP query, there are two MAC addresses in the Ethernet frame sent
back with the ARP response:
1.
The MAC address in the Ethernet frame of the Ethernet interface sending the response.
2.
The MAC address in the ARP response which is contained within this frame. This is usually
the same as (1) the source MAC address in the Ethernet frame but does not have to be.
These are shown in the illustration below of an Ethernet frame containing an ARP response:
3.4.3. Creating ARP Objects
Chapter 3. Fundamentals
115
Summary of Contents for DFL-1600 - Security Appliance
Page 27: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 27 ...
Page 79: ...2 7 3 Restore to Factory Defaults Chapter 2 Management and Maintenance 79 ...
Page 146: ...3 9 DNS Chapter 3 Fundamentals 146 ...
Page 227: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 227 ...
Page 241: ...5 4 IP Pools Chapter 5 DHCP Services 241 ...
Page 339: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 339 ...
Page 360: ...7 4 7 SAT and FwdFast Rules Chapter 7 Address Translation 360 ...
Page 382: ...8 3 Customizing HTML Pages Chapter 8 User Authentication 382 ...
Page 386: ... The TLS ALG 9 1 5 The TLS Alternative for VPN Chapter 9 VPN 386 ...
Page 439: ...Figure 9 3 PPTP Client Usage 9 5 4 PPTP L2TP Clients Chapter 9 VPN 439 ...
Page 450: ...9 7 6 Specific Symptoms Chapter 9 VPN 450 ...
Page 488: ...10 4 6 Setting Up SLB_SAT Rules Chapter 10 Traffic Management 488 ...
Page 503: ...11 6 HA Advanced Settings Chapter 11 High Availability 503 ...
Page 510: ...12 3 5 Limitations Chapter 12 ZoneDefense 510 ...
Page 533: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 533 ...