Accepting Incoming Connections In Nat Mode; Accepting Incoming Connections In Transparent Mode; Denying Incoming Connections - D-Link DFL-500 User Manual
Soho firewall
Hide thumbs
Also See for DFL-500:
- Manual (122 pages) ,
- User manual (140 pages) ,
- Quick install manual (8 pages)
Table of Contents
Advertisement
Accepting incoming connections in NAT mode
Running the DFL-500 in NAT mode hides the actual addresses of the computers on your internal network
from the Internet. To provide Internet access to a server on your internal network, you must add a Virtual IP
that creates an association between the Internet IP address of the server and the actual address of the
computer on your internal network that is running the server.
Once you have created a Virtual IP, you can add Incoming policies to accept connections to the server.
Adding an Incoming policy to accept connections
Use the following procedure to accept connections from the Internet to a server on the internal network:
•
Add a Virtual IP for the server. See
•
Go to Firewall > Policy > Incoming .
•
Click New to add a new incoming policy.
•
Configure the policy (see
Select External_All to accept connections to the server from anywhere on the Internet. You can also select
Source
an external address that limits the source addresses that the policy accepts connections from. See
Addresses.
Destination Select the Virtual IP added in Step
Select Always to accept connections at any time. To control when to accept connections add a schedule.
Schedule
See Schedules.
Service
Select a service to match the Internet server. For a web server, set service to HTTP. See Services.
Action
Select ACCEPT.
•
Click OK to save the policy.
Accepting incoming connections in Transparent mode
In transparent mode, the addresses on the internal network are routable from the internet so you do not have
to configure Virtual IP mapping. To accept connections to a server on the internal network:
•
Add the address of the server to the internal address list (see
•
Go to Firewall > Policy > Incoming .
•
Click New to add a new incoming policy.
•
Configure the policy to accept connections to the internal address from the Internet for the service
provided by the server (see
Denying incoming connections
Create policies that deny incoming connections to control access to the incoming policies that you have
already created.
You can use incoming policies to deny connections:
•
From addresses on the Internet (see Addresses)
•
To addresses on your internal network (see Addresses)
•
To services (see Services)
•
According to a one-time or recurring schedule (see Schedules)
For example, you may want to periodically deny access to your public web server to allow for regular
maintenance. To do this, create a recurring schedule for the maintenance period. Then create a policy that
matches the original web server policy. Set the schedule of this policy to the maintenance schedule and set
Action to Deny.
DFL-500 User's Manual
Adding Virtual
Adding
policies).
Add a Virtual IP for the server. See "Adding Virtual IPs"
Adding
policies).
IPs.
Adding
addresses).
.
27
Advertisement
Table of Contents
