Denying Incoming Connections - D-Link DFL-1000 User Manual

Hide thumbs Also See for DFL-1000:

Quick install manual (6 pages)

Quick install manual (9 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

Table of Contents

External_All to accept connections to the server from anywhere on the Internet. You can also

Source

select an external address that limits the source addresses that the policy accepts connections

from. See Addresses.

Select the Internal address added in step

Destination

address list. See "Adding

Schedule

Select a schedule to control when to accept connections. See Schedules.

Select a service to match the Internet server. For example, if you are adding a policy for a web

Service

server, set service to HTTP. See Services.

Action

Select Accept.

Optionally select Log Traffic to add messages to the traffic log whenever the policy accepts a

Log Traffic

connection.

Traffic

Optionally, select Traffic Shaping to control the bandwidth available to and set the priority of the

Shaping

traffic processed by the policy.

•

Click OK to save the policy.

Denying incoming connections

Create policies that deny incoming connections to control access to the incoming policies that you have

already created.

You can use incoming policies to deny connections:

•

From addresses on the Internet (see Addresses)

•

To addresses on your internal network (see Addresses)

•

To services (see Services)

•

According to a one-time or recurring schedule (see Schedules)

For example, you may want to periodically deny access to your public web server to allow for regular

maintenance. To do this, create a recurring schedule for the maintenance period. Then create a policy

that matches the original web server policy. Set the schedule of this policy to the maintenance schedule

and set Action to Deny.

Since policy matching works on a first-match principle, you must add the deny policy above the accept

policy in the policy list.

Adding an incoming policy to deny connections

•

Add the schedule for denying access or add any addresses for which to deny connections. See

Schedules.

•

Go to Firewall > Policy > Incoming .

•

Find the policy that you want to deny access to.

•

Click Insert Policy before

policy to be denied.

•

Configure the policy.

Source

Select the External address that matches the policy to deny.

Select the Virtual IP (NAT mode) or Internal address (Transparent mode) that matches the

Destination

policy to deny.

Schedule

Select a schedule to control when the policy denies connections.

Service

Select the service that matches the service of the policy to deny.

Action

Select Deny so that the DFL-1000 denies connections defined by the policy.

DFL-1000 User's Manual

Add the Internal address of the server to the Internal

addresses".

for the policy to be denied. This inserts a new policy in the list above the

Table of Contents

Denying Incoming Connections - D-Link DFL-1000 User Manual

Denying incoming connections

Related Manuals for D-Link DFL-1000

Related Content for D-Link DFL-1000

Table of Contents