16.11. Interface

In order to change an Interface setting in the system you need to navigate to Interfaces → INTNAME where INTNAME is the interface name you want to edit.

Depending on the underlying interface this represents you have different options and settings on this page.

On a normal Interface you have the following Settings.

16.11.1. General

Enabled to enable or disable the interface

Name can be changed to any name you like

MAC Address if you want to override the default MAC Address. Be aware that depending on the interface representation this can have consequences on other interfaces. For example all VLANs of an interface share the same MAC.

MTU will change the Maximum Transition Unit. It is 1500 per default and if you plan on using IPv6 the minimum can not be less than 1280.

MSS fix will clamp the TCP connection at this size. It is usually only needed with PPPoE and PPP and on those interfaces it is generated by default.

16.11.2. IPv4 Settings

IPv4 settings contain the IPv4 type.

All IPv4 types are:

  • None
  • Static
  • DHCP
  • PPP
  • PPPoE

Depending on the interface you only see a subset of the available options.

DHCP will use the DHCP Client to get an IP Address and Gateway on the Interface.

Static lets you configure an IP Address and if applicable a Gateway manually.

Gateway is available for static IPs and only affects the IP Addresses of the VT AIR itself. The IP Addresses of the VT AIR will always use this Gateway. This is especially needed in a multi WAN Setup so that the interface IP Address is responsive if the default route is with another interface. Otherwise all routing decisions are based on the main routing table, also for interface IP Addresses.

16.11.3. IPv6 Settings

IPv6 settings contain the IPv6 type.

All IPv6 types are:

  • None
  • Static
  • DHCP
  • SLAAC
  • Track

Depending on the interface you only see a subset of the available options.

Static lets you configure an IP Adress and if applicable a Gateway manually.

DHCP will use the DHCP Client to get an IP Address. This requires a Router that advertises itelf with RA. IA_NA can be set manually otherwise one will be generated. That is needed to obtain an IP Address from the server. Prefix Delegation can be enabled to also obtain a Prefix from the DHCP Server that can then be set on other interface via Track. IA_PD can be set manually. That is needed to obtain an IP Address from the server. Prefix Delegation Size is auto by default. You can also set the size of the prefix you want to request.

SLAAC will get the IP Address with the IPv6 SLAAC mechanism. Make sure there is at least one IPv6 Router that advertises itself in the network.

Track will obtain an IP Address via Prefix Delegation from another Interface. Please also select the interface that obtains a prefix.

Router Advertisement (Client) will either obtain the IP Address if SLAAC is enabled and/or the Gateway. The Gateway in IPv6 is always obtained by the Router Advertisement mechanism even if DHCP is used. If you disable Router Advertisement this mechanism will be disabled.

Gateway is available for static IPs and only affects the IP Addresses of the VT AIR itself. The IP Addresses of the VT AIR will always use this Gateway. This is especially needed in a multi WAN Setup so that the interface IP Address is responsive if the default route is with another interface. Otherwise all routing decisions are based on the main routing table, also for interface IP Addresses.

16.11.4. Advanced Settings

Disable RFC1918 will automatically create a Firewall rule to block all IPs in the RFC1918 block. Have a look at Builtin Network Ranges for a description of RFC1918.

Automatic Outbound NAT (SNAT) will automatically create a SNAT rule for this interface.

16.11.5. WPA Authentication (802.1X)

WPA Authentication (802.1X) can be enabled by selecting a Protocol. The following protocols are available:

  • EAP-TLS
  • EAP-PEAP/MSCHAPv2 (both PEAPv0 and PEAPv1)
  • EAP-PEAP/TLS (both PEAPv0 and PEAPv1)
  • EAP-PEAP/MD5-Challenge (both PEAPv0 and PEAPv1)
  • EAP-TTLS/EAP-MD5-Challenge
  • EAP-TTLS/EAP-MSCHAPv2
  • EAP-TTLS/EAP-TLS
  • EAP-TTLS/MSCHAPv2
  • EAP-TTLS/MSCHAP
  • EAP-TTLS/PAP
  • EAP-TTLS/CHAP
  • EAP-MD5-Challenge
  • EAP-MSCHAPv2

Entering an Anonymous Identity is optional. For authentication purposes an Identity and Password are required.

When selecting a protocol which supports PEAP or TTLS a Certificate Authority and Certificate are needed.

16.11.6. Interface Dependent options

Some interfaces have other options. For example on a Bridge you can change the STP/RSTP as well as the Bridge Port Settings.

On PPPoE and PPP interfaces you can also change some of the settings on this page.