Firewall Configuration; Policy Modes; Nat/Route Mode - D-Link DFL-500 User Manual

Firewall configuration

By default the users on your internal network can connect through the DFL-500 to the Internet. The DFL-500
blocks all other connections. The DFL-500 is configured with a default firewall security policy that matches any
connection request received from the internal network and instructs the firewall to forward the connection to
the Internet.
Default security policy
Security policies are instructions used by the firewall to decide what to do with a connection request. When
the firewall receives a connection request in the form of a packet, it analyzes the packet to extract its source
address, destination address, and service (port number).
For the packet to be connected through the DFL-500, you must have added a policy to the interface that
receives the packet. The policy must match the packet's source address, destination address, and service.
The policy directs the action that the firewall should perform on the packet. The action can be to allow the
connection, deny the connection, or to require authentication before the connection is allowed. You can also
add schedules to security policies so that the firewall can process connections differently depending on the
time of day or the day of the week, month, or year.
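The policy decision described above can be modelled in a few lines, which is useful when reviewing a rule set on paper. This is an added example, not code from the manual or from D-Link; the addresses, ports and rules are constructed, and first-match ordering and "a policy only applies inside its schedule" are assumptions of the model.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime, time
from typing import Optional

@dataclass
class Policy:
    interface: str             # interface that receives the packet
    src: str                   # source network (CIDR)
    dst: str                   # destination network (CIDR)
    service: Optional[int]     # destination port, None = any service
    action: str                # "allow", "deny" or "auth"
    days: frozenset = frozenset(range(7))   # 0 = Monday
    start: time = time.min
    end: time = time.max

    def matches(self, iface, src, dst, port, when):
        return (iface == self.interface
                and ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.service in (None, port)
                and when.weekday() in self.days
                and self.start <= when.time() <= self.end)

def decide(policies, iface, src, dst, port, when, authenticated=False):
    for p in policies:                     # assumption: first match wins
        if p.matches(iface, src, dst, port, when):
            if p.action == "auth":
                return "allow" if authenticated else "deny"
            return p.action
    return "deny"                          # no matching policy: blocked

# Constructed rule set; the last entry models the default policy.
POLICIES = [
    Policy("internal", "192.168.1.0/24", "0.0.0.0/0", 23, "deny"),
    Policy("internal", "192.168.1.0/24", "0.0.0.0/0", 21, "auth",
           days=frozenset(range(5)), start=time(9), end=time(17)),
    Policy("internal", "0.0.0.0/0", "0.0.0.0/0", None, "allow"),
]

if __name__ == "__main__":
    monday = datetime(2024, 1, 8, 10, 0)
    for port in (80, 23, 21):
        print(port, decide(POLICIES, "internal", "192.168.1.10", "203.0.113.5", port, monday))
    print("inbound", decide(POLICIES, "external", "203.0.113.5", "192.168.1.10", 80, monday))
```

In this model, a port 21 connection on a Saturday skips the scheduled authentication policy and is allowed by the broad default entry, so a scheduled policy placed above a catch-all allow does not restrict traffic outside its time window.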
To configure security policies:
· Policy modes
· Adding policies
· Adding addresses
· Adding virtual IPs
· Services
· Schedules
· Users and authentication
· Port forwarding
· IP/MAC binding
· Traffic shaping

Policy modes
The first step in configuring security policies is to configure the mode for the firewall. The firewall can run in
NAT/Route mode or Transparent mode.

NAT/Route mode

Select NAT/Route mode to use DFL-500 network address translation to protect private networks from public
networks. In NAT/Route mode, you can connect a private network to the internal interface and a public
network, such as the Internet, to the external interface. Then you can create NAT mode policies to accept or
deny connections between these networks. NAT mode policies hide the addresses of the internal network
from users on the Internet.