Firewall configuration

By default, the users on your internal network can connect through the DFL-500 NPG to the Internet. The firewall blocks all other connections. The firewall is configured with a default policy that matches any connection request received from the internal network and instructs the firewall to forward the connection to the Internet.

Default policy

Policies are instructions used by the firewall to decide what to do with a connection request. When the firewall receives a connection request in the form of a packet, it analyzes the packet to extract its source address, destination address, and service (port number).

For the packet to be connected through the DFL-500 NPG, you must have added a policy that matches the packet's source address, destination address, and service. The policy directs the action that the firewall should perform on the packet. The action can be to allow the connection, deny the connection, require authentication before the connection is allowed, or process the packet as an IPSec VPN packet.

You can enable and disable policies. You can add schedules to policies so that the firewall can process connections differently depending on the time of day or the day of the week, month, or year. You can also enable web content filtering for policies that control the HTTP service.

Use Int ->Ext policies to control how users on your internal network access the Internet. You can use these policies to apply web content filtering to protect users on your internal network from downloading unwanted content from the Internet. You can also use these policies to control IPSec VPN connections through the firewall.

Use Ext ->Int policies to control connections from the Internet to your internal network. You can use these policies to apply web content filtering. You can also use these policies to allow remote users to connect to your internal network using PPTP and L2TP VPN.

This chapter describes:

NAT/Route mode and Transparent mode

Adding NAT/Route mode policies

Adding Transparent mode policies

Configuring policy lists

Addresses

Services

Schedules

Virtual IPs

IP pools

IP/MAC binding

DFL-500 User Manual

23

 

Page 22 Page 24
Page 23
Image 23
D-Link DFL-500 user manual Firewall configuration, Default policy
Page 22 Page 24
Top Page Image Contents