Static – Ubiquiti Networks Rockeac User Manual
Page 23
20
Chapter 4: Network
airOS®7 User Guide
Ubiquiti Networks, Inc.
Static
Assign static IP settings to the device.
Note:
IP settings should be consistent with the
address space of the device’s network segment.
IP Address
Enter the IP address of the device. This IP will
be used for device management purposes.
Netmask
The netmask defines the address space of the
device’s network segment. The 255.255.255.0 (or “/24”)
netmask is commonly used on many Class C IP networks.
Gateway IP
Typically, this is the IP address of the host
router, which provides the point of connection to the
Internet. This can be a DSL modem, cable modem, or
WISP gateway router. The device directs data packets to
the gateway if the destination host is not within the local
network.
Primary DNS IP
Enter the IP address of the primary
DNS (Domain Name System) server. This is used for
management purposes only.
Secondary DNS IP
Enter the IP address of the secondary
DNS server. This entry is optional and used only if the
primary DNS server is not responding. It is used for
management purposes only.
MTU
(Available in Simple view.) The Maximum
Transmission Unit (MTU) is the maximum frame size (in
bytes) that a network interface can transmit or receive. The
default is 1500.
NAT
Network Address Translation (NAT) is an IP
masquerading technique that hides private network IP
address space (on the LAN interface) behind a single
public IP address (on the WAN interface).
NAT is implemented using the masquerade type firewall
rules. NAT firewall entries are stored in the iptables
nat table. Specify static routes to allow packets to pass
through the airOS device if NAT is disabled.
•
NAT Protocol
To disable NAT traversal for the SIP, PPTP,
FTP, or RSTP protocols, uncheck the respective box(es).
Block management access
To block device management
from the WAN interface, check this box. This feature makes
Router mode more secure if the device has a public IP
address.
DMZ
DMZ (Demilitarized Zone) specifically allows one
computer/device behind NAT to become “demilitarized”,
so all ports from the public network are forwarded to the
ports of this private network, similar to a 1:1 NAT.
•
DMZ Management Ports
The airOS device responds to
requests from the external network as if it were the host
device that is specified with the DMZ IP address. DMZ
Management Ports is disabled by default; the device is
accessible from the WAN port. If DMZ Management Ports
is enabled, all management ports will be forwarded to
the device, so you’ll only be able to access the device
from the LAN side.
The default values of the management ports are:
Management Method
Management Port
HTTP/HTTPS
80/443 TCP
SSH
22 TCP
Telnet
23 TCP
SNMP
161 UDP
Discovery
10001 UDP
airView
18888 TCP
•
DMZ IP
Enter the IP address of the local host network
device. The DMZ host device will be completely exposed
to the external network.
Auto IP Aliasing
If enabled, automatically generates an
IP address for the corresponding WLAN/LAN interface.
The generated IP address is a unique Class B IP address
from the 169.254.X.Y range (netmask 255.255.0.0), which
is intended for use within the same network segment only.
The Auto IP always starts with 169.254.X.Y, with X and Y
as the last two octets from the MAC address of the device.
For example, if the MAC is 00:15:6D:A3:04:FB, then the
generated unique Auto IP will be 169.254.4.251.
The Auto IP Aliasing setting can be useful because you
can still access and manage devices even if you lose,
misconfigure, or forget their IP addresses. Because an
Auto IP address is based on the last two octets of the MAC
address, you can determine the IP address of a device if
you know its MAC address.
MAC Address Cloning
When enabled, you can change
the MAC address of the respective interface. This is
especially useful if your ISP only assigns one valid IP
address and it is associated to a specific MAC address. This
is usually used by cable operators or some WISPs.
•
MAC Address
Enter the MAC address you want to clone
to the respective interface. This becomes the new MAC
address of the interface.