LAN Configuration
94
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Hosts and routers in the LAN use NDP to determine the link-layer addresses and related
information of neighbors in the LAN that can forward packets on their behalf. The wireless
VPN firewall periodically distributes router advertisements (RAs) throughout the DMZ to
provide such information to the hosts and routers in the DMZ. RAs include IPv6 addresses,
types of prefixes, prefix addresses, prefix lifetimes, the maximum transmission unit (MTU),
and so on. In addition to configuring the RADVD, you also need to configure the prefixes that
are advertised in the DMZ RAs.
The following table provides an overview of how information is obtained in the DMZ when you
have configured a stateless DHCPv6 server and the RADVD:
When the Managed flag is set in the RADVD, the DHCPv6 server can assign IP addresses,
and the RADVD also assigns IP addresses in the sense that it provides information that
allows IPv6 clients to configure their own IPv6 address.
When the Other flag is set, the DHCPv6 server does not assign IP addresses but provides
DNS server and other configuration information only.
To configure the Router Advertisement Daemon for the DMZ:
1. Select Network Configuration > DMZ Setup.
2. In
the upper right of the screen, select the IPv6 radio button. The DMZ Setup screen
displays the IPv6 settings (see Figure 45 on
page 90).
3. Click the RA
DVD option arrow to the right of the DMZ Setup tab. The RADVD screen for the
DMZ displays. (The following figure contains some examples.)
Table 21. DHCPv6 and RADVD interaction in the DMZ
Flags in the RADVD DHCPv6 Server Provides RADVD Provides
Managed RA flag is set • IP address assignment
• DNS server and other configuration information
• IP address assignment
• Prefix
• Prefix length
• Gateway address
Other RA flag is set DNS server and other configuration information • IP address assignment
• Prefix
• Prefix length
• Gateway address