Adding Nat Mode Policies - D-Link DFL-500 User Manual

Hide thumbs Also See for DFL-500:

Manual (122 pages)

User manual (114 pages)

Quick install manual (8 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

Table of Contents

A service that matches the service (or port number) of the packet. You can select from a wide range of

Service

predefined services, or add custom services and service groups. See Services.

Select how the firewall should respond when the policy matches a connection attempt. You can configure

the policy to direct the firewall to accept the connection, deny the connection, or require users to

Action

authenticate with the firewall before the firewall accepts the connection. Authentication is not available in

Transparent mode. See

Optionally select Log Traffic to add messages to the traffic log whenever the policy processes a

Log Traffic

connection.

Traffic

Optionally select Traffic Shaping to control the bandwidth available to and set the priority of the traffic

Shaping

processed by the policy. See

Select OK to add the policy.

The policy is added to the selected policy list. You must arrange policies in the policy list so that they have the

results that you expect. Arranging policies in a policy list is described in

Sample Route mode policy (NAT/Route mode)

Adding NAT mode policies

NAT mode policies provide network address translation between interfaces. By default when the firewall is

running in NAT/Route mode, it is configured for NAT mode policies between the external and internal

interfaces. NAT mode policies hide IP addresses on the internal network from the Internet.

NAT mode policies for connections from the internal interface to the external interface translate the source

address of packets to the address of the external interface. The firewall performs this address translation

automatically because it knows the address of its external interface.

For connections from the external interface to the internal interface, NAT mode policies must translate the

destination address of the packet from an Internet address to an address on the internal network. You have to

add the information the firewall needs to be able to map the destination address of the packet to an address

on the internal network. This mapping is referred to as a virtual IP.

A virtual IP must be added to Ext to Int NAT mode policies. For more information about virtual IPs, see

virtual

IPs.

To add a NAT mode policy:

Go to Firewall > Policy .

Select a policy list tab.

Select New to add a new policy.

DFL-500 User Manual

Users and authentication

Traffic

shaping.

for more information about authentication.

Ordering policies in policy

lists.

Adding

Table of Contents

Adding Nat Mode Policies - D-Link DFL-500 User Manual

Adding NAT mode policies

Related Manuals for D-Link DFL-500

Related Content for D-Link DFL-500

Table of Contents