ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
3-6 LAN Configuration
v1.1, August 2010
The Network Database is updated by these methods:
• DHCP Client Requests. By default, the DHCP server in this VPN firewall is enabled, and
will accept and respond to DHCP client requests from PCs and other network devices. These
requests also generate an entry in the Network Database. Because of this, leaving the DHCP
Server feature (on the LAN screen) enabled is strongly recommended.
• Scanning the Network. The local network is scanned using standard methods such as ARP.
This will detect active devices which are not DHCP clients. However, sometimes the name of
the PC or device cannot be accurately determined, and will be shown as Unknown.
• Manual Entry. You can manually enter information about a network device.
Creating the Network Database
Some advantages of the Network Database are:
• Generally, you do not need to enter either IP address or MAC addresses. Instead, you can just
select the desired PC or device.
• No need to reserve an IP address for a PC in the DHCP Server. All IP address assignments
made by the DHCP Server will be maintained until the PC or device is removed from the
database, either by expiry (inactive for a long time) or by you.
• No need to use a fixed IP address on PCs. Because the address allocated by the DHCP Server
will never change, you do not need to assign a fixed IP address to a PC to ensure it always has
the same IP address.
• MAC level control over PCs. The Network Database uses the MAC address to identify each
PC or device. So changing a PC’s IP address does not affect any restrictions on that PC.
• Group and individual control over PCs.
– You can assign PCs to groups and apply restrictions to each group using the Firewall
Rules screen (see “Using Rules to Block or Allow Specific Kinds of Traffic” on page 4-2).
– You can also select the groups to be covered by the Block Sites feature (see “Blocking
Internet Sites (Content Filtering)” on page 4-30).
– If necessary, you can also create firewall rules to apply to a single PC (see “Configuring
Source MAC Filtering” on page 4-33). Because the MAC address is used to identify each
PC, users cannot avoid these restrictions by changing their IP address.
• A computer is identified by its MAC address—not its IP address. Hence, changing a
computer’s IP address does not affect any restrictions applied to that PC.