LANconfig: Communication / Remote sites / WAN tag table
WEBconfig: Setup / IP router
- WAN tag generation
WAN tag generation defines the source for the assignment of interfaces
tags. Besides assignment via the firewall or direct assignment via the
tag table, the interface tag can also be selected based on the source
route in the effective routing table (static routing entries plus routes
learned via RIP). The source IP and the name of the remote site used
to establish the IP connection is compared with the routing information.
The routing tag of this source route is assigned for further processing
to the packets received at the WAN-side of this connection. If the effective
routing table contains more than one entry for a remote site with the
same network, the smallest tag is used.
Example: The following ARF networks have been defined:
PRIVATE is to have Internet access only, HOME-OFFICE is to have a VPN tunnel to the remote site VPN-COMPANY only. The corresponding effective routing table appears as follows:
Network IP address Rtg tag Port PRIVATE 192.168.1.1/24 1 LAN -1 HOME-OFFICE 192.168.10.1/24 10 LAN -2 IP address IP netmask Rtg tag Remote site Distanz Masking 192.168.10.0 255.255.255.0 10 VPN-COMPANY 0 No 255.255.255.255 0.0.0.0 1 INTERNET 0 No - Data packet coming from network 192.168.10.x: Tag = 10
- Data packet coming from network 192.168.1.x: Tag = 1
- Data packet coming from any other network: Tag = 0
- Manual: With this setting, the interface tags are determined solely by an entry in the tag table. The routing table has no significance in the assignment of interfaces tags.
- Auto: With this setting, the interface tags are determined initially by an entry in the tag table. If no matching entry is located there, the tag is determined based on the routing table.
Note: The interface tags determined via the tag table and on the basis of the routing table can be overwritten with an appropriate entry in the firewall.