Comodo Dome Firewall

• Introduction To Comodo Dome Firewall - Virtual Appliance
  • Install Dome Firewall And Login To The Administrative Console
• The Main Interface
• The Dashboard
• View And Modify System Status And General Configuration
  • Manage Admin Accounts
    • Add And Manage Administrators
    • Manage Administrative Roles
  • License Activation
  • SNMP Settings
  • Central Management
  • Configure SSH Access
  • High Availability
  • View And Update Firmware Version
  • Create And Schedule Backup Of DFW State
    • Manually Create A Backup
    • Schedule Backup Operations
    • Encrypt Backup Archives
    • Export A Backup
    • Import A Backup Archive From A Local Computer
    • Roll Back The Virtual Appliance To A Previous Time Point
    • Reset The Virtual Appliance To Factory Defaults
  • Shutdown Or Restart The Dome Firewall Virtual Appliance
• View DFW Virtual Appliance Status
  • System Status
  • Network Status
  • System Usage Summaries
  • Network Traffic
  • Network Connections
  • SSLVPN Connections
• Network Configuration
  • Configure Interface Devices, Uplinks And VLANs
    • Configure Interface Devices
    • Add And Manage Gateway Uplink Devices
    • Create VLANs
  • Routes
    • Add And Manage Static Routes
    • Add And Manage Policy Routing Rules
• Configure DFW Virtual Appliance Services And Protection Settings
  • DHCP Server
  • Advanced Threat Protection
    • Manage The ATP Profiles
    • Comodo Antivirus
  • Time Server
  • Intrusion Prevention
    • Configure Intrusion Prevention System
    • Manage IPS Rulesets
    • Manage Application Identification Rulesets
  • Configure Wireless Hotspot
    • Configure Captive Portal Service
    • Customize The Login Page
    • Add And Manage Permanent Users
  • Internet Content Adaptation Protocol
  • Quality Of Service
• Manage Firewall Configuration
  • Firewall Objects
    • Manage Firewall Address Objects
    • Manage Firewall Object Groups
    • Manage Firewall Schedules
    • Active Directory Integration
  • Destination Network Address Translation
  • Source Network Address Translation
  • Configure System Access
  • Configure Firewall Policy Rules
    • Manage Firewall Policy Rules
    • Manage VPN Firewall Rules
• Configure Proxy Services
  • HTTP/HTTPS Proxy Server
    • Configure URL And Content Filtering
    • HTTPS Proxy
• Configure Virtual Private Network Settings
  • SSL VPN Server
    • Configure General SSL VPN Server Settings
    • Manage SSL VPN Client Accounts
    • Configure Advanced SSL VPN Server Settings
    • Configure Clients To Connect To Dome Firewall
  • IPsec Configuration
  • Configure L2TP Server
  • Configure IPSec/L2TP Users
• View Logs
  • Realtime Logs
  • Configure Log Settings
  • Generate Reports
• Appendix - Minimum Requirements For Software Installations

DHCP Server

• Click 'Services' > 'DHCP Server' in the left-hand menu to open this interface

• The firewall has the ability to assign fixed and dynamic IP addresses to workstations connected to different network zones.

• The DHCP Server area lets you set the start and end IP addresses for each network zone, and specify clients to which you want to assign addresses.

• The interface also allows granular configuration of DNS servers, NTP servers and WNS servers for each network zone.

The DHCP interface contains two panes:

• DHCP

• Current fixed leases
  

DHCP

The upper pane allows you to enable/disable the DHCP service and to configure DHCP settings for LAN, DMZ and Wi-Fi network zones.

To configure/edit the DHCP settings for a network zone

• Click the '+' button beside Settings under the network zone name.
  

The settings panel will open. The panel shows the start and end IP addresses of the range you want to dynamically assign to clients and servers in the selected zone.

• Start Address and End Address – The first and last IP addresses of the IP address range that can be assigned to the clients connected to that network zone. The address range needs to be within the subnet, that can be assigned to that zone.

• Allow only fixed leases – When selected, no client in the selected zone will be automatically assigned a dynamic IP address. If required, the administrator can assign fixed IP addresses for each client from the lower panel

• Default lease time - The time in minutes for which the assigned IP address should be active on the client
  

• Max lease time – The maximum time (in minutes) for which the assigned IP address can be active on the client

• Domain name suffix – The domain name suffix to be passed on to the clients for local domain searches

• Default Gateway – The IP address of the default gateway used by the clients in the network zone. If left blank, the clients will use the DWF virtual appliance as the gateway

• Primary DNS and Secondary DNS – The IP addresses of the primary and secondary DNS servers. The defaults value is from the DNS cache of the DFW virtual appliance.

• Primary NTP server and Secondary NTP server - The IP address or the hostname of the Network Time Protocol (NTP) servers to be used by the clients in the network zone for time synchronization.

• Primary WINS server address and Secondary WINS server address – The IP addresses of the Windows Internet Name Service (WINS) servers the clients should use. This is required only for Microsoft Windows networks that use the WINS service.

• Custom Configuration Lines - Allows Advanced Users to add custom configuration lines for DHCP, e.g., custom routes to subnets

• Enabled – The checkbox allows you to enable or disable the DHCP settings for the selected zone.

• Click Enter/Edit the parameters as required and click 'Save'. The service will restart for your settings to take effect.

• Repeat the process for other network zones, if required.

Once a client(s) DHCP settings have been enabled and it has been auto-assigned IP addresses, the 'Current dynamic leases' pane will appear below the 'Current Fixed Leases' table. This displays the currently assigned dynamic IP address, the MAC address, the hostname and the expiry time of the address associated with each client.

Current Fixed Leases

The 'Current Fixed Leases' pane displays a list of fixed IP addresses assigned to specific clients and allows you to add new fixed address specifications.

To add a new fixed IP address entry

• Click the 'Add a fixed lease' link at the top left of the interface

The Add a fixed lease pane will open.

• Enter the parameters as given below:

• MAC Address – The physical MAC address of the client

• IP Address – The static IP address to be assigned to the client

• Description – A short description of the client

• Next Address - The address to which the client to be redirected, if it is in network boot mode. This setting is only for disk-less client or thin client (Optional)  
  

• Filename – The file name of the boot image stored in the server to which the client needs to be redirected for network boot

• Root path - The path of the boot image file stored in the server to which the client needs to be redirected for network boot

• Enabled – The IP address will be assigned and enabled upon creation. If you want the address to be enabled at a later time, deselect this checkbox. You can enable the address when required by selecting the 'Enabled' checkbox under the Actions column in the Current fixed leases table.