D-Link DFL-500 Network Card User Manual


 
Firewall configuration
By default, the users on your internal network can connect through the DFL-500 NPG to the Internet. The
firewall blocks all other connections. The firewall is configured with a default policy that matches any
connection request received from the internal network and instructs the firewall to forward the connection to
the Internet.
Default policy
Policies are instructions used by the firewall to decide what to do with a connection request. When the firewall
receives a connection request in the form of a packet, it analyzes the packet to extract its source address,
destination address, and service (port number).
For the packet to be connected through the DFL-500 NPG, you must have added a policy that matches the
packet's source address, destination address, and service. The policy directs the action that the firewall
should perform on the packet. The action can be to allow the connection, deny the connection, require
authentication before the connection is allowed, or process the packet as an IPSec VPN packet.
You can enable and disable policies. You can add schedules to policies so that the firewall can process
connections differently depending on the time of day or the day of the week, month, or year. You can also
enable web content filtering for policies that control the HTTP service.
Use Int -> Ext policies to control how users on your internal network access the Internet. You can use these
policies to apply web content filtering to protect users on your internal network from downloading unwanted
content from the Internet. You can also use these policies to control IPSec VPN connections through the
firewall.
Use Ext -> Int policies to control connections from the Internet to your internal network. You can use these
policies to apply web content filtering. You can also use these policies to allow remote users to connect to
your internal network using PPTP and L2TP VPN.
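The matching described above can be modelled in a few lines. This is an added example, not code from the manual or from D-Link: the `Policy` class and `decide` function are hypothetical names, the addresses are constructed, and it assumes the policy list is evaluated top-down with the first match winning and that a policy outside its schedule is skipped.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

ANY = "0.0.0.0/0"

@dataclass
class Policy:
    direction: str                  # "Int->Ext" or "Ext->Int", as in the manual
    src: str                        # source address range (CIDR)
    dst: str                        # destination address range (CIDR)
    ports: Optional[range]          # service as destination ports; None = any service
    action: str                     # "allow", "deny", "auth" or "ipsec"
    enabled: bool = True
    hours: Optional[Tuple[time, time]] = None   # simplified schedule: daily window

    def matches(self, direction, src, dst, port, when: datetime) -> bool:
        if not self.enabled or direction != self.direction:
            return False
        # Assumption: outside its schedule a policy is skipped, not applied.
        if self.hours and not (self.hours[0] <= when.time() < self.hours[1]):
            return False
        return (ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and (self.ports is None or port in self.ports))

def decide(policies: List[Policy], direction, src, dst, port, when) -> str:
    # Assumption: the list is evaluated top-down and the first match wins.
    for p in policies:
        if p.matches(direction, src, dst, port, when):
            return p.action
    return "deny"   # no matching policy: the firewall blocks the connection

# Constructed sample list; addresses and the first rule are illustrative only.
POLICIES = [
    Policy("Int->Ext", "192.168.1.0/24", ANY, range(80, 81), "deny",
           hours=(time(9), time(17))),
    Policy("Int->Ext", ANY, ANY, None, "allow"),   # the default policy
]

if __name__ == "__main__":
    noon = datetime(2024, 1, 8, 12, 0)
    for args in [("Int->Ext", "192.168.1.10", "203.0.113.5", 443),
                 ("Int->Ext", "192.168.1.10", "203.0.113.5", 80),
                 ("Ext->Int", "203.0.113.5", "192.168.1.10", 80)]:
        print(args, "->", decide(POLICIES, *args, noon))
```

With only the default policy in place, every Ext -> Int request falls through to the final `deny`, which is the behaviour the first paragraph of this chapter describes.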
This chapter describes:
NAT/Route mode and Transparent mode
Adding NAT/Route mode policies
Adding Transparent mode policies
Configuring policy lists
Addresses
Services
Schedules
Virtual IPs
IP pools
IP/MAC binding