3.8 Configuring Network Settings

After initial setup, you seldom need to change the network settings unless something in your network changes, such as adding a new gateway or DNS server. These options are for the Access Gateway Appliance. For the Linux or Windows Access Gateway Service, use the utilities supplied by the operating system. However, if you add an new network interface card to the Access Gateway Service machine and use system utilities to configure it and assign it an IP address, you need to update the Access Gateway Service with this information. See Section 3.8.5, Adding a New IP Address to the Access Gateway.

This section describes the following tasks:

3.8.1 Viewing and Modifying Adapter Settings

The adapter settings allow you to view the current configuration for the network adapters installed in the Access Gateway Appliance and manage the IP addresses that are assigned to them.

  • If you want to configure an adapter to use more than one IP address, you can use these settings to add them.

  • If you have multiple adapters installed on an Access Gateway Appliance machine, you can only configure eth0 during installation. Use the procedure described in this section to configure the others.

To view or modify your current adapter settings:

  1. In the Administration Console, click Devices > Access Gateways > Edit > Adapter List.

    LAN adapter configuration
  2. (Conditional) If the Access Gateway is a member of a cluster, select the server you want to configure from the list of servers in the Cluster Member field. All changes made to this page apply to the selected server.

  3. Select the adapter you want to modify, then select one of the following actions:

    • To add a new subnet to an existing adapter, click New.

    • To delete a subnet, select a subnet, then click Delete. More than one subnet must be configured for you to delete one.

    • To modify an existing subnet, click the IP address of the subnet.

  4. To configure a new subnet or a new IP address for a subnet, configure the following fields:

    Configuring a subnet

    Subnet: Displays the address of the subnet that you are modifying. This is empty if you are creating a new subnet.

    Subnet Mask: (Required) Specifies the subnet mask address for this subnet. The address can be specified in standard dotted format or in CIDR format.

    IP Addresses: Allows you to manage the IP addresses assigned to the subnet.

    • To add an address, click New, specify the address, then click OK.

    • To delete an address, select the address, then click Delete.

    • To change the IP address, select the address, then click Change IP Address, specify the new IP address, then click OK.

  5. Click OK.

  6. Click OK.

  7. On the Server Configuration page, click OK, then click Update > OK.

3.8.2 Viewing and Modifying Gateway Settings

The gateway settings display the current gateway configuration that the Access Gateway Appliance is using to route packets. On this page, you can also configure additional gateways. During installation, you could specify only a default gateway. You must have at least one gateway defined for the Access Gateway to function.

The Access Gateway routes requests to specific destinations through these gateways. If a request could be routed through multiple gateways, the Access Gateway chooses the gateway associated with the most restrictive mask (the smallest range of destination addresses). The default gateway is used only when no other routes apply.

Gateways fall within the following three basic groups:

  • Host gateways for specific destination addresses.

  • Network gateways for destination addresses that fall within specific subnets.

  • The default gateway for destination addresses that aren’t covered by host or network gateways.

The Access Gateway uses additional gateways only when the Act As Router option is selected. When this option is selected, you can add Host Gateways and Network Gateways. When configuring a Host Gateway or Network Gateway, you specify the IP address of the host or network gateway in the Next Hop field. This address must be on the same subnetwork as the IP address for the Access Gateway.

IMPORTANT:If you enter an IP address that is on a different subnetwork, the Access Gateway reports this error on the Health page, after the configuration has been applied.

To modify your current gateway configuration:

  1. In the Administration Console, click Devices > Access Gateways > Edit > Gateways.

  2. Configure your default gateway, which specifies the gateway to use when no other routes apply. Configure the following:

    Next Hop: The IP address of the gateway.

    Metric: A relative number indicating the bias you can add to the normal flow of gateway logic. Specifying a number higher than 1 makes this resource more expensive and alters the gateway logic used. Valid numbers include 1 through 16.

    Type: Gateways are active if they publish their presence, or passive if they do not.

  3. Configure your host gateways, which are the gateways to be used for packets being sent to specific hosts. When you select New from the Host Gateway list, you are asked for the following information:

    Next Hop: The address of the host gateway that is to be used.

    Host: The IP address of the destination host. Valid addresses cannot be the first or last address of a class and must be unique.

    Metric: A relative number indicating the bias you can add to the normal flow of gateway logic. Specifying a number higher than 1 makes this resource more expensive and alters the gateway logic used. Valid numbers include 1 through 16.

    Type: Gateways are active if they publish their presence, or passive if they do not.

    Click OK when the fields are configured.

  4. Configure your network gateways, which are the gateways to be used for packets being sent to specific subnets. When you select New from the Network Gateway list, you are asked for the following information:

    Next Hop: The address of the gateway that is to be used.

    Network Address: The subnet address for the destination IP address range. You should enter the valid subnet address.

    Mask: The subnet mask for the subnet or IP address above. A valid entry must be at least as large as a class mask where a Class A mask is 255.0.0.0, a Class B mask is 255.255.0.0, and Class C, D, and E masks are 255.255.255.0.

    Metric: A relative number indicating the bias you can add to the normal flow of gateway logic. Specifying a number higher than 1 makes this resource more expensive and alters the gateway logic used. Valid numbers include 1 through 16.

    Type: Gateways are active if they publish their presence, or passive if they do not.

    Click OK when the fields are configured.

  5. Click OK.

  6. On the Server Configuration page, click OK, then click Update > OK.

3.8.3 Viewing and Modifying DNS Settings

The DNS page displays the current configuration for domain name services for the Access Gateway Appliance and allows you to modify it.

  1. In the Administration Console, click Devices > Access Gateways > Edit > DNS.

  2. (Conditional) If the Access Gateway is a member of a cluster, select the server you want to configure from the list of servers in the Cluster Member field. All changes made to this page apply to the selected server.

  3. Fill in the following fields:

    Server Hostname: Displays the unique host or computer name that you have assigned to the Access Gateway machine. If you modify this name, you need to modify the entry for the Access Gateway in your DNS server to resolve this new name.

    Domain: Specifies the domain name for your network. Your DNS server must be configured to resolve the combination of the server hostname and the domain name to the Access Gateway machine. This field assumes you are using dotted names for your machines, such as sales.mytest.com, where sales is the Server Hostname and mytest.com is the Domain.

    DNS Server IP Addresses: Displays the IP addresses of the servers on your network that resolve DNS names to IP addresses. You can have up to three servers in the list. If you specified any addresses during installation, they appear in this list. To manage the servers in this list, select one of the following options:

    • New: To add a server to the list, click this option and specify the IP address of a DNS server.

    • Delete: To delete a server from the list, select the address of a server, then click this option.

    • Order: To modify the order in which the DNS servers are listed, select the server, then click either the up-arrow or the down-arrow buttons. The first server in the list is the first server contacted when a DNS name needs to be resolved.

  4. Click OK.

  5. On the Server Configuration page, click OK, then click Update > OK.

3.8.4 Configuring Hosts

You can configure the Access Gateway Appliance to have multiple hostnames or to resolve DNS names to IP addresses. If you manually edit the /etc/hosts file, your modifications are lost when the Access Gateway Appliance is updated. However, if you use the Hosts page to specify the entries, the entries are written to the /etc/hosts file whenever the configuration of the Access Gateway Appliance is updated.

  1. (Access Gateway Appliance) In the Administration Console, click Devices > Access Gateways > Edit > Hosts.

    Configuring hosts
  2. (Conditional) If the Access Gateway is a member of a cluster, select the server you want to configure from the list of servers in the Cluster Member field. All changes made to this page apply to the selected server.

  3. To add a new hostname to an existing IP address, click the name of a Host IP Address.

  4. In the Host Name(s) text box, specify a name for the host. Place each hostname on a separate line, then click OK.

  5. To add a new IP address and hostname, click New in the Host IP Address List section, then specify the IP address. In the Host Name(s) text box, specify a hostname, then click OK.

  6. To delete a host, select the check box next to the host you want to delete, then click Delete.

  7. Click OK.

  8. On the Server Configuration page, click OK, then update the Access Gateway.

3.8.5 Adding a New IP Address to the Access Gateway

Before you can configure Access Gateway to use a new IP address, you must first use an operating system utility to add the IP address.

Start YaST, click Network Devices > Network Card, then select the Traditional Method.

After you have used a system utility to add an IP address, you need to update the Access Gateway Service to display the new IP address as a configuration option.

  1. In the Administration Console, click Devices > Access Gateways > [Name of Gateway Service].

  2. On the Server Details page, click New IP, then click OK.

    Access Gateway scans the operating system for its configured IP addresses and adds any new addresses. Any new address is then available for assignment on the Access Gateway configuration pages.

  3. (Optional) To verify that the scan has completed, click the Command Status tab.