Motorola Netopia® Router Connection Profile Commands 3-21
Beginning with Firmware Version 8.3.3, IP Passthrough allows a
first come first ser ve
mode, which defaults to
an all-zeroes MAC address.
If you leave the default all-zeroes MAC address, the Router will select the next DHCP client that initiates a DHCP
lease request or renewal to be the IP passthrough host. When the WAN comes up, or if it is already up, the
Router will ser ve this client the IP passthrough/WAN address. When this client's lease ends, the IP
passthrough address becomes available for the next client to initiate a DHCP transaction. The next client will
get the IP passthrough address. Note that there is no way to control which PC has the IP passthrough address
without releasing all other DHCP leases on the LAN.
Note:
If you specify a non-zeroes MAC address, the DHCP Client Identifier must be in the format specified
above. Macintosh computers allow the DHCP Client Identifier to be entered as a name or text, however
Motorola Netopia
®
routers accept only strict (binar y/hex) MAC address format. Macintosh computers display
their strict MAC addresses in the TCP/IP Control Panel (Classic MacOS) or the Network Preference Pane of
System Preferences (Mac OS X).
Once configured, the passthrough host's DHCP leases will be shor tened to two minutes. This allows for timely
updates of the host's IP address, which will be a private IP address
before
the WAN connection is established.
After
the WAN connection is established and has an address, the passthrough host can renew its DHCP
address binding to acquire the WAN IP address.
A restriction
Since both the router and the passthrough host will use same IP address, new sessions that conflict with
existing sessions will be rejected by the router. For example, suppose you are a teleworker using an IPSec
tunnel from the router
and
from the passthrough host. Both tunnels go to the same remote endpoint, such as
the VPN access concentrator at your employer’s office. In this case, the first one to star t the IPSec traffic will
be allowed; the second one – since, from the WAN it's indistinguishable – will fail.
Stateful Inspection Commands
See also:
■
“Stateful Inspection Commands” on page 2-85
for Global Stateful Inspection commands.
■
“Stateful Inspection Configuration Commands” on page 2-32
for Ethernet inter face commands.
Note:
The commands in this section are suppor ted beginning with Firmware Version 8.2.
cp
{
name
|
index
}
ip
state-insp
enable
{
yes
|
no
|
on
|
off
}
no
cp
{
name
|
index
}
ip
state-insp
enable
show
cp
{
name
|
index
}
ip
state-insp
enable
These commands allow you to set, disable, or show the status of stateful inspection for the specified
Connection Profile. This option is disabled by default. Stateful inspection prevents unsolicited inbound access
when NAT is disabled.
Содержание CLI 874
Страница 1: ...Command Line Interface Commands Reference Firmware Version 8 7 4 Motorola Netopia ENT Series Routers...
Страница 6: ...6 Command Line Interface Commands Reference...
Страница 12: ...1 6 Command Line Interface Commands Reference...
Страница 143: ...Motorola Netopia Router CLI Commands 2 131 Current Restrictions None...
Страница 144: ...2 132 Command Line Interface Commands Reference...
