IPv4 Configuration Types

Once an interface has been assigned, in most cases it will require an IP address. For IPv4 connections, the following choices are available in the IPv4 Configuration Type selector on an interface page (e.g. Interfaces > WAN):

  • None

  • Static IPv4

  • DHCP

  • PPP

  • PPPoE

  • PPTP

  • L2TP

Each of these is described in this document.

None

When IPv4 Configuration Type is set to None, IPv4 is disabled on the interface. This is useful if the interface has no IPv4 connectivity or if the IPv4 address on the interface is being managed in some other way, such as for a VPN or tunnel interface.

Static IPv4

With Static IPv4, the interface contains a manually configured IPv4 address. When chosen, three additional fields are available on the interface configuration screen:

IPv4 Address:

The IPv4 address for the interface (e.g. 192.168.1.1).

CIDR Subnet Mask:

The CIDR Subnet Mask determines the size of the subnet to which the IPv4 Address belongs. This must match the value used by other hosts in the same subnet.

IPv4 Upstream Gateway:

An upstream gateway for IPv4 traffic, if any. Selecting a gateway here will cause the firewall to treat this interface as a WAN-type interface for NAT and related functions. See WAN vs LAN Interfaces for more information.

Warning

Do not set a gateway for internal interfaces such as a LAN or DMZ. Only select a gateway on externally-connected interfaces such as a WAN or a private site-to-site link which the firewall should consider a WAN.

Gateways may still be used on internal interfaces for the purpose of static routes without selecting an IPv4 Upstream Gateway here.

The IPv4 Upstream Gateway field is pre-populated with existing IPv4 gateways defined under System > Routing (Gateways).

The fa-plus Add a new gateway button is a shortcut to create a new gateway if one does not already exist. Clicking that button displays a modal form to add the gateway without leaving this page. Fill in the details requested on the new form:

Default Gateway:

If this is the only WAN or will be a new default WAN, check this box. The default IPv4 and IPv6 gateways work independently of one another. The two need not be on the same interface. Changing the default IPv4 gateway has no effect on the IPv6 gateway, and vice versa.

Gateway Name:

The name used to refer to the gateway internally, as well as in places like Gateway Groups, quality graphs, and elsewhere.

Gateway IPv4:

The IPv4 address of the gateway. This address must be inside the same subnet as the Static IPv4 address when using this form.

Description:

A bit of text to indicate the purpose of the gateway.

DHCP

When an interface is set to DHCP, the operating system will attempt automatic IPv4 configuration of this interface via DHCP. This option also activates several additional fields on the page. Under most circumstances these additional fields may be left blank.

Hostname:

Some ISPs require the Hostname for client identification. The value in the Hostname field is sent as the DHCP client identifier and hostname when requesting a DHCP lease.

Alias IPv4 Address:

This value used as a fixed IPv4 alias address by the DHCP client since a typical IP Alias VIP cannot be used with DHCP. This can be useful for accessing a piece of gear on a separate, statically numbered network outside of the DHCP scope. One example would be for reaching a cable modem management IP address.

Reject Leases From:

An IPv4 address for a DHCP server that should be ignored. For example, a cable modem that hands out private IP addresses when the cable sync has been lost. Enter the private IP address of the modem here, e.g. 192.168.100.1 and the firewall will never pick up or attempt to use a an IP address supplied by the specified server.

DHCP VLAN Priority:

Optionally sets a VLAN Priority tag (802.1p) on DHCP client traffic. Should only be enabled when required by an ISP and with the settings they provide.

Advanced Configuration:

Enables options to control the protocol timing. In the vast majority of cases this must be left unchecked and the options inside unchanged.

Protocol Timing:

The fields in this area give fine-grained control over the timing used by dhclient when managing an address on this interface. These options are almost always left at their default values. For more details on what each field controls, see the dhclient man page

Presets:

Has several options for preset protocol timing values. These are useful as a starting point for custom adjustments or for use when the values need to be reset back to default values.

Configuration Override:

Enables a field to use a custom dhclient configuration file. The full path must be given. Using a custom file is rarely needed, but some ISPs require DHCP fields or options that are not supported by the GUI.

PPP Types

The various PPP-based connection types such as PPP, PPPoE, PPTP, and L2TP are all covered in detail at PPPs. When one of these types is selected here on the interfaces screen, their basic options can be changed as described. To access the advanced options, follow the link on this page or navigate to Interfaces > Assignments on the PPPs tab, find the entry, and edit it there.