Manuals / D-Link / Computer Equipment / Network Card

D-Link DFL-500 Adding NAT/Route mode policies, Changing to NAT/Route mode, Go to Firewall Policy

Models: DFL-500

1 122
Download 122 pages 7.35 Kb
Page 24
Image 24

NAT/Route mode and Transparent mode

The first step in configuring firewall policies is to configure the mode for the firewall. The firewall can run in NAT/Route mode or Transparent mode.

NAT/Route mode

Run the DFL-500 NPG in NAT/Route mode to protect a private network from a public network. When the DFL-500 NPG is running in NAT/Route mode, you can connect a private network to the internal interface and a public network, such as the Internet, to the external interface. Each of these networks must have a different subnet address. You create policies to control how the firewall routes packets between interfaces, and therefore between the networks connected to the interfaces.

In NAT/Route mode, you can create NAT mode policies and Route mode policies.

NAT mode policies use network address translation to hide the addresses of a more secure network from users on a less secure network.

Route mode policies control connections between networks without performing address translation.

Transparent mode

Run the DFL-500 NPG in Transparent mode to provide firewall protection to a network with public addresses. The DFL-500 NPG can be inserted into your network at any point without the need to make changes to your network or any of its components.

In Transparent mode, you add policies to accept or deny connections between interfaces. The DFL-500 NPG applies policies to control network traffic without modifying the packets in any way.

Changing to Transparent mode

Use the procedure Changing to Transparent mode to switch the DFL-500 NPG from NAT/Route mode to Transparent mode.

Changing to Transparent mode deletes all NAT/Route mode policies and addresses. In addition any routing set in NAT mode is also deleted. This includes the default route that is part of the default NAT configuration.

Changing to NAT/Route mode

Use the procedure Changing to NAT/Route mode to switch the DFL-500 NPG from Transparent mode to NAT/Route mode.

Changing to NAT/Route mode deletes all Transparent mode policies and addresses. In addition any routing set in NAT mode is also deleted. This includes the default route that is part of the default NAT configuration.

Adding NAT/Route mode policies

Add NAT/Route mode policies to control connections and traffic between DFL-500 interfaces. If you have configured the DFL-500 NPG for NAT/Route mode operation, you can use the following procedure to add NAT/Route mode policies:

Go to Firewall > Policy .

Select the policy list tab to which you want to add the policy.

Select New to add a new policy.

DFL-500 User Manual

24

 

Page 23 Page 25
Page 24
Image 24
D-Link DFL-500 user manual Adding NAT/Route mode policies, Changing to NAT/Route mode, Go to Firewall Policy
Page 23 Page 25