Each interface has a primary IP address as well as one or more optional secondary IP addresses. An IP address of
0.0.0.0/0 indicates that the interface is to be left unconfigured. Secondary IP addresses can be assigned to an interface by clicking Add IP near the bottom of each interface section.
255.0.0.0in binary has 8 bits set from the left hand side. So,
10.0.0.25with a subnet mask of
10.0.0.25/8in CIDR notation. See the table in Appendix I for a list of common dot-notation subnet masks and their CIDR-notation equivalents.
Cipafilter can use a remote filter as a logging database server for the purposes of scaling performance. This value is a PostgreSQL connect string that instructs the filter to log to a remote database server; it should be configured by tech support.
Enter external DNS servers here. We recommend leaving these blank to use the Cipafilter's internal DNS server.
Clicking this check box will cause the Cipafilter to become a bridge, bridging all of its Ethernet interfaces together into one logical interface. In this configuration the Cipafilter acts like a switch. Installing the Cipafilter this way may require the restarting of any Cisco routers on the subnet to clear their ARP caches. Any IP addresses you wish to configure on Cipafilter for management can be applied to any interface if this box is checked.
The interface closest to the Internet should be chosen as your Primary Internet connection . This is used primarily if you enable NAT on any of your other subnets. If a subnet is being NATed, all packets coming from it through the router are translated to appear as if they are coming from the IP you designate with this setting.
NAT is used to allow a group of machines with private IP addresses like
192.168.0.0/24 to access the Internet. Packets flowing from any subnet with NAT This Subnet checked will have their source address modified to reflect the IP address of your Primary Internet Connection . Packets coming back to the Primary Internet Connection will then be sorted and passed to their real destinations. You only have to enable NAT This Subnet on a single IP from each subnet. For example, if you have five IPs on the
10.0.0.0/8 subnet, you only need to turn NAT on on any one of them to NAT all traffic from the