Topic
This article discusses how to create and configure zones in Cytracom ControlOne.
Environment
- Cytracom ControlOne
Description
When setting up a network, you must create at least one zone, which functions as a segmented LAN. You can create different, separate zones for different types of traffic.
There are two different zone types:
- Site zone: A segment of the local network managed by the ControlOne bridge. This is the network for the physical hardware deployed at a client's location.
- User Zone: A zone to which you can assign user accounts and set up zero trust policies to ensure they are authorized to connect.
The Zone icon in the Network Map
Once you create your zone, A visual representation will appear in the Network map, showing the zone name, connections, IP address, and number of clients connected.
1. Zone name
2. Zone IP address: Click the address to copy it to your clipboard
3. Number of clients connected. Clients are detected in this zone via DHCP and ARP
4. Connection to gateway
5. Connection to the local Ethernet port at a site
6. Management options: Click this icon to edit, rename, or delete your zone.
General zone configuration
Once your zone is set up, click the blank space within the zone icon to open configuration options, then click the General tab at the top of the options panel.
1. Swap between General, DNS, and DHCP configuration options
2. Configure as a User Zone or a Site Zone
3. Configure the gateway (visually represented by the line connecting the zone to the gateway in the Network Map)
4. Specify additional zones to connect with
5. Create or select a security policy
6. Change the IP address and subnet mask. If you set the zone for Auto IP, you can change its address automatically-generated address here. These are typically RFC 1918 private IP addresses within the following ranges:
- 10.0.0.0-10.255.255.255
- 172.16.0.0-172.31.255.255
- 192.168.0.0-192.168.255.255
The system will alert you if you specify an address outside those ranges
7. View address details for this subnet
8. View all objects (gateways, security policies, etc.) related to this zone
9. Delete the zone
10. Save any configuration changes
DNS configuration options
1. Swap between General, DNS, and DHCP configuration options
2. Change DNS Mode. You can choose between the following modes:
- Auto: ControlOne uses the smart defaults for the DHCP range
- Advanced: Specify an alternate destination for recursive DNS requests
- Disabled: disables the built-in DNS server
3. Conditional forwards: Forward DNS requests related to another domain to that specific domain. See Conditional forwards, below.
4. Static records: Use this option to make DNS records always return a specified IP Address. Click the Add link, then enter the hostname and IP address, and check the Enabled box
Conditional forwards
Some systems, such as Active Directory, require on-prem DNS to function properly. In these cases, routing all recursive DNS requests to alternate destinations may cause those local services to fail. Conditional forwards let you route only traffic bound for specific domains to remote DNS servers.
If you click the Add link, ControlOne will prompt you do specify a domain name and DNS server that will receive the forward.
DHCP configuration options
1. Swap between General, DNS, and DHCP configuration options
2. Change DHCP Mode. You can choose between the following modes:
- Auto: ControlOne uses the smart defaults for the DHCP range
- Advanced: DHCP is active for new zones by default. You can specify a custom DHCP pool with this option. See Specifying a custom DHCP pool, below.
- Relay: Lets you set up a DHCP relay to the DHCP server in another subnet.
- Disabled: Disables the ControlOne DHCP server on this zone.
3. DHCP Options lets you enter additional option codes for this zone. You can pick a reservation either inside or outside the DHCP pool.
4. DHCP Reservation lets you reserve a specific IP address for a particular MAC address. See Reserving a DHCP address, below.
Specifying a custom DHCP pool
In DHCP Tab advanced options:
1. Enter the starting IP address.
2. Specify the number of IP addresses in the pool.
3. Set the IP address lease lifetime.
Reserving a DHCP address
In DHCP Tab advanced options, click the Add link next to Reservations.
1. Enter the reservation name.
2. Enter the IP address you wish to reserve.
3. Enter the MAC address reserving this address.
4. Check the Enabled box.
When finished, click the Create button.
Additional resources
Still have questions? Click here to learn how to contact Cytracom Technical Support or open a ticket.