| FAQ |
|
| If you can't find the information that you are looking for about LAN GateKeeper in this FAQ section, please contact us at info@pspinc.com. |
|
|
|
 |
Is it possible to import the CSV file which is customized by a user to add multiple addresses at once? |
|
|
 |
What are the differences between "Normal Mode" and "Unauthorized Mode"? |
|
|
 |
In the case that the LAN GateKeeper server goes down while LAN GateKeeper is running, what happens to the connected PCs under the network? |
|
|
 |
Is it necessary to reboot each PC after I collect MAC addresses on "Test Mode" and reboot the LAN GateKeeper server on "Normal Mode"? Is it alternatively possible to just unplug and plug the network cable back in? |
|
|
 |
I understand that when a certain packet from a PC which has an
unauthorized MAC address is detected, LAN GateKeeper reacts as if the IP address already exists in the same network. As a result, it blocks the PC from accessing.
When LAN GateKeeper rejects an access, does it react in the same way as in the case that duplicated IP addresses exist in a static IP network environment? |
|
|
 |
There is a possibility of changing IP addresses when LAN GateKeeper runs on a DHCP network environment. If an authorized PC’s IP changes, will the new and old IP addresses’ information be stored only in the log file or will the MAC address with a different IP address information be stored in both the authorized and the unauthorized MAC address list? |
|
|
 |
Does the MAC address of LAN GateKeeper server need to be added to the authorized MAC address list for collecting MAC addresses? It seems better for the LAN GateKeeper server to use a static IP address, but is it possible for the LAN GateKeeper server to use an IP address dynamically assigned in a DHCP network environment? |
|
|
 |
Suppose that a user is using two network segments (A and B) that share the same rooter in a LAN environment, and LAN GateKeeper runs in each segment A and B. In this case, will the decision for access control be done with the security policy of the whole LAN environment including the rooter regardless of the settings of LAN GateKeeper? |
|
|
 |
Is it necessary for devices that have IP addresses (e.g. network printer, network storage) to be added to the authorized MAC address list? |
|
|
 |
If it is necessary for devices that have IP addresses (e.g. network printer, network storage) to be added to the authorized MAC address list, it will be also necessary to have extra information besides MAC/IP address. Since the information can be in Japanese as well as in English, is there a similar function like this in this version? |
|
|
 |
Do any problems occur when LAN GateKeeper runs in a network environment where RAS servers and PPP servers for dial-up exist. |
|
|
 |
Is there a limit for the number of MAC addresses that can be added to the authorized MAC address list? |
|
|
 |
If the number of the MAC addresses on the authorized MAC address list increases in large numbers, does any time delay occur for the MAC address authorization process? |
|
|
 |
Can the LAN GateKeeper server settings be configured only on the machine where LAN GateKeeper is installed? |
|
|
 |
Is it possible to run two LAN GateKeeper servers in a single network segment? (e.g. For the case of temporarily substituting a LAN GateKeeper server or the case of duplicating a LAN GateKeeper server) |
|
|
 |
Are MAC addresses be overwritten in the authorized or the unauthorized MAC address list when multiple MAC addresses are uploaded via CSV file? |
|
|
 |
There are four options of executive network interfaces for LAN GateKeeper. Does this mean that it is possible to manage multiple networks at a time? In other words, is it possible for a server with multiple network interfaces to manage a maximum of four network segments? |
|
|
|
|
 |
 |
 |
|
|
Is it possible to import the CSV file which is customized by a user to add multiple addresses at once? |
|
|
|
|
 |
Yes, it is possible to import a user-customized CSV file because you can choose which field in the CSV file is imported as which field type for LAN GateKeeper. |
|
|
|
 |
|
 |
|
|
|
|
|
|
|
|
|
| What are the differences between “Normal Mode” and “Unauthorized Mode”? |
|
|
|
|
|
"Normal Mode" allows only MAC addresses that are in the authorized MAC address list to get access and rejected MAC addresses are added to the unauthorized MAC address list. (The authorized MAC address list is read-only. The unauthorized MAC address list is read and write only.)
“Unauthorized Mode” rejects only MAC addresses that are in the unauthorized MAC address list and other MAC addresses are allowed to get access, but they are not added to the authorized MAC address list. (Unauthorized MAC address list is read-only.) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In the case that the LAN GateKeeper server goes down while LAN GateKeeper is running, what happens to the connected PCs under the network? |
|
|
|
|
|
In this case, the authorized PCs are not affected at all. Please note that no matter how LAN GateKeeper is set up to use either "Normal Mode" or "Unauthorized Mode", the function for rejecting MAC addresses does not work for PCs which are connected to the network after the server goes down. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Is it necessary to reboot each PC after I collect MAC addresses on "Test Mode" and reboot the LAN GateKeeper server on "Normal Mode"? Is it alternatively possible to just unplug and plug the network cable back in? |
|
|
|
|
|
The way of sending packets from PCs to connect to a network is different, based on which Windows is running on them. If this is the case, please reboot each PC. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
I understand that when a certain packet from a PC which has an unauthorized MAC address is detected, LAN GateKeeper reacts as if the IP address already exists in the same network. As a result, it blocks the PC from accessing.
When LAN GateKeeper rejects an access, does it react in the same way as in the case that duplicated IP addresses exist in a static IP network environment? |
|
|
|
|
|
You cannot tell the difference by the message dialog. In the case that duplicated IP addresses exist in the network, a message dialog will be displayed for both of the PCs. However, a message dialog will be displayed only on an unauthorized PC when LAN GateKeeper rejects it from accessing. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
There is a possibility of changing IP addresses when LAN GateKeeper runs on a DHCP network environment.
If an authorized PC's IP changes, will the new and old IP addresses'information be stored only in the log file or will the MAC address with a different IP address information be stored in both the authorized and the unauthorized MAC address list? |
|
|
|
|
|
Both the authorized list and the unauthorized list use a MAC address as a primary key. The authorized list is not updated automatically while LAN GateKeeper is running. As long as the same MAC address is being used, the IP address that is originally assigned remains. The unauthorized list uses a MAC address as a primary key, and a newest IP address always overwrites its current one. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Does the MAC address of LAN GateKeeper server need to be added to the authorized MAC address list for collecting MAC addresses? It seems better for the LAN GateKeeper server to use a static IP address, but is it possible for the LAN GateKeeper server to use an IP address dynamically assigned in a DHCP network environment? |
|
|
|
|
|
LAN GateKeeper deals with its own MAC address differently from other MAC addresses. Thus it is not necessary to add the MAC address to the authorized MAC address list. In addition, LAN GateKeeper can run both with a static IP address in a non-DHCP environment and a dynamic IP address in a DHCP environment. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Suppose that a user is using two network segments (A and B) that share the same rooter in a LAN environment, and LAN GateKeeper runs in each segment A and B. In this case, will the decision for access control be done with the security policy of the whole LAN environment including the rooter regardless of the settings of LAN GateKeeper? |
|
|
|
|
|
Yes. LAN GateKeeper is not involved with the decision of access control between certain network segments that are authorized by LAN GateKeeper and other external network segments. LAN GateKeeper also does not have any impact on those accesses. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Is it necessary for devices that have IP addresses (e.g. network printer, network storage) to be added to the authorized MAC address list? |
|
|
|
|
|
Yes. However, there are some devices that are not affected by the settings of LAN GateKeeper because of the different network connection procedures. They can be connected to the network without any restrictions set by LAN GateKeeper. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
If it is necessary for devices that have IP addresses (e.g. network printer, network storage) to be added to the authorized MAC address list, it will be also necessary to have extra information besides MAC/IP address. Since the information can be in Japanese as well as in English, is there a similar function like this in this version? |
|
|
|
|
|
Besides MAC address and IP address, there are other fields such as Username, Email and telephone number fields for the authorized MAC address list. You can use them as the way you want because LAN GateKeeper does not use the data in these fields.
Please refer to the User Manual (3-3. Add MAC address), pic 3: Add Authorized MAC Address. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Do any problems occur when LAN GateKeeper runs in a network environment where RAS servers and PPP servers for dial-up exist? |
|
|
|
|
|
As long as those servers are added to the authorized MAC address list, there is no problem using them with LAN GateKeeper. Since the user authentication controls network accesses, there is no concern of network security. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Is there a limit for the number of MAC addresses that can be added to the authorized MAC address list? |
|
|
|
|
|
No, there is no limitation for how many MAC addresses can be added to the list. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
If the number of the MAC addresses on the authorized MAC address list increases in large numbers, does any time delay occur for the MAC address authorization process? |
|
|
|
|
|
During our test, we did not find any time delay. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Can the LAN GateKeeper server settings be configured only on the machine where LAN GateKeeper is installed? |
|
|
|
|
|
The LAN GateKeeper server settings can be configured from other PCs where LAN GateKeeper is not installed through a web browser. Even though you run multiple LAN GateKeeper servers, you can change the settings from a certain PC. Please refer to the User Manual for details. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Is it possible to run two LAN GateKeeper servers in a single network segment?
(e.g. For the case of temporarily substituting a LAN GateKeeper server or the case of duplicating a LAN GateKeeper server) |
|
|
|
|
|
It is possible to run two LAN GateKeeper servers at a time. However, the LAN administrator needs to synchronize these two servers because they do not automatically synchronize in the current version. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Are MAC addresses be overwritten in the authorized or the unauthorized MAC address list when multiple MAC addresses are uploaded via CSV file? |
|
|
|
|
|
Yes, the existing data will be overwritten automatically. It is recommended to export MAC address information in the authorized or the unauthorized MAC address list by downloading into a CSV file before you upload new data via CSV file. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
There are four options of executive network interfaces for LAN GateKeeper. Does this mean that it is possible to manage multiple networks at a time?
In other words, is it possible for a server with multiple network interfaces to manage a maximum of four network segments? |
|
|
|
|
|
No. The current version of LAN GateKeeper can run only on a single network. |
|
|
|
|
|
|
|
|
|
|
