Chapter 8
Configuration of network services
110
Warning
In rules for DNS requests, it is necessary to enter an expression matching the full DNS
name! If, for example, the
kerio.c*
expression is introduced, only names
kerio.cz
,
kerio.com
etc. would match the rule and host names included in these domains (such
as
www.kerio.cz
and
secure.kerio.com
) would not!
•
Use the
Reverse DNS query
alternative to specify rule for DNS queries on IP addresses
in a particular subnet. Subnet is specified by a network address and a corresponding
mask (i.e.
192.168.1.0 / 255.255.255.0
).
•
Use the
Then forward query to DNS Server(s)
field to specify IP address(es) of one or
more DNS server(s) to which queries will be forwarded.
If multiple DNS servers are specified, they are considered as primary, secondary, etc.
If the
Do not forward
option is checked, DNS queries will not be forwarded to any
other DNS server —
WinRoute
will search only in the
hosts
local file or in DHCP ta-
bles (see below). If requested name or IP address is not found, non-existence of the
name/address is reported to the client.
8.2 DHCP server
The DHCP protocol (
Dynamic Host Configuration Protocol
) is used for easy TCP/IP configura-
tion of hosts within the network. Upon an operation system start-up, the client host sends
a configuration request that is detected by the DHCP server. The DHCP server selects appro-
priate configuration parameters (IP address with appropriate subnet mask and other optional
parameters, such as IP address of the default gateway, addresses of DNS servers, domain
name, etc.) for the client stations. All client parameters can be set at the server only — at
individual hosts, enable the option that TCP/IP parameters are configured automatically from
the DHCP server. For most operating systems (e.g.
Windows
,
Linux
, etc.), this option is set by
default — it is not necessary to perform any additional settings at client hosts.
The DHCP server assigns clients IP addresses within a predefined scope for a certain period
(
lease time
). If an IP address is to be kept, the client must request an extension on the period
of time before the lease expires. If the client has not required an extension on the lease time,
the IP address is considered free and can be assigned to another client. This is performed
automatically and transparently.
So called reservations can be also defined on the DHCP server — certain clients will have their
own IP addresses reserved. Addresses can be reserved for a hardware address (MAC) or a host
name. These clients will have fixed IP address. These addresses are configured automatically.
Using DHCP brings two main benefits. First, the administration is much easier than with the
other protocols as all settings may be done at the server (it is not necessary to configure
individual workstations). Second, many network conflicts are eliminated (i.e. one IP address
cannot be assigned to more than one workstation, etc.).
Summary of Contents for KERIO WINROUTE FIREWALL 6
Page 1: ...Kerio WinRoute Firewall 6 Administrator s Guide Kerio Technologies s r o...
Page 157: ...12 3 Content Rating System Kerio Web Filter 157 Figure 12 7 Kerio Web Filter rule...
Page 247: ...19 4 Alerts 247 Figure 19 14 Details of a selected event...
Page 330: ...Chapter 23 Kerio VPN 330 Figure 23 55 The Paris filial office VPN server configuration...
Page 368: ...368...