Adding Policies; Adding Route Mode Policies - D-Link DFL-500 User Manual

Hide thumbs Also See for DFL-500:

Manual (122 pages)

User manual (114 pages)

Quick install manual (8 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

Table of Contents

Note: Changing policy modes between interfaces resets firewall policies and addresses and IPSec VPN policies.

To change the policy mode between the internal and external interface using the web-based manager:

Go to Firewall > Mode .

Select the mode for connections between the internal and external interface.

Select NAT to change the policy mode to NAT mode. Select Route to change the policy mode to route

mode.

Click Apply.

Adding policies

Add security policies to control connections and traffic between DFL-500 interfaces. The first step to adding a

policy is to select a policy list. There are 2 policy lists:

Int to Ext Policies for connections from the internal network to the external network (the Internet).

Ext to Int Policies for connections from the external network to the internal network.

Once you have chosen the policy list, you can add policies to control connections. You must arrange policies

in the policy list so that they have the results that you expect.

Use the following procedures to add policies:

Adding route mode policies

Adding NAT mode policies

Editing policies

Ordering policies in policy lists

Adding route mode policies

When the firewall is running in Transparent mode, all policies are route mode policies. When the firewall is

running in NAT/Route mode, policies are route mode policies when the policy mode between two interfaces is

set to route mode.

To add a route mode policy:

Go to Firewall > Policy .

Select a policy list tab.

Click New to add a new policy.

You can also select Insert Policy before

Configure the policy.

An address that matches the source address of the packet. This can be a single IP address or an address

Source

range. Before you can add this address to a policy, you must add it to the source interface. This address

must be a valid IP address for the network connected to the source interface. See

An address that matches the destination address of the packet. This can be a single IP address or an

address range. Before you can add this address to a policy, you must add it to the destination interface.

Destination

This address must be a valid IP address for the network connected to the destination interface. See

Adding

addresses.

A schedule that controls when this policy is active. During the time that the schedule is valid the policy is

Schedule

available to be matched with connections. See Schedules.

DFL-500 User Manual

on a policy in the list to add the new policy above a specific policy.

Adding

addresses.

Table of Contents

Adding Policies; Adding Route Mode Policies - D-Link DFL-500 User Manual

Adding policies

Adding route mode policies

Related Manuals for D-Link DFL-500

Related Content for D-Link DFL-500

Table of Contents