Web filter, Content filtering | D-Link DFL-500 instruction

		Telnet, or FTP. For users to be able to authenticate you must add an HTTP, Telnet, or FTP policy
		that is configured for authentication. When users attempt to connect through the firewall using this
		policy they are prompted to enter a firewall username and password.
		If you want users to authenticate to use other services (for example POP3 or IMAP) you can create
		a service group that includes the services for which you want to require authentication as well as
		HTTP, Telnet, and FTP. Then users could authenticate with the policy using HTTP, Telnet, or FTP
		before using the other service.
		In most cases you should make sure that users can use DNS through the firewall without
		authentication. If DNS is not available users cannot connect to a web, FTP, or Telnet server using
		a domain name.
		Enable web filter content filtering for traffic controlled by this policy. You can select Web filter if
		Service is set to ANY or HTTP or to a service group that includes the HTTP service.
	Web filter	For web filter content filtering to take effect, you must configure web content filtering. See Web
	Web filter	content filtering.
		content filtering.

You can select show settings to display the current web filter content filtering settings for the DFL-

500NPG.

•Select OK to add the policy.

The policy is added to the selected policy list.

•Arrange policies in the policy list so that they have the results that you expect. See Configuring policy lists for more information.

DFL-500 User Manual	26

Image 26

D-Link DFL-500 user manual Web filter, Content filtering

Contents

Link DFL-500 Regulatory Compliance Table of Contents Firewall configuration IPSec VPNs Logging and reporting Page Transparent mode NAT/Route mode and Transparent modeNAT/Route mode Introduction DFL-500 QuickStart Guide DFL-500 CLI Reference Guide Customer service and technical supportFor more information Mounting Package contentsGetting started Powering on Initial configuration Connecting to the web-based manager Bits per second Connecting to the command line interface CLIDFL-500 login Stop bits Flow control Next stepsData bits Parity NAT/Route mode settings NAT/Route mode installationPreparing to configure NAT/Route mode Starting the setup wizard Using the setup wizardUsing the command line interface Reconnecting to the web-based manager Connecting to your networks Set system route number 1 gw1 Setting the date and time Configuring your internal networkCompleting the configuration DFL-500 NPG network connections Changing to Transparent mode Transparent mode installationPreparing to configure Transparent mode Transparent mode settings Administrator Password Configuring the Transparent mode management IP address Set system management ip 10.10.10.2 Configure the Transparent mode default gateway Setting the date and timeConnecting to your network DFL-500 network connections Firewall configuration Default policy Go to Firewall Policy Adding NAT/Route mode policiesChanging to NAT/Route mode Dynamic IP Pool Fixed Port Source Destination Schedule Service ActionAuthentication VPN Tunnel Content filtering Web filter Adding a NAT/Route Int -Ext policy Adding Transparent mode policiesSource Destination Schedule Service Log Traffic Authentication Web filter Policy matching in detail Configuring policy listsAdding a Transparent mode Int -Ext policy Enabling and disabling policies AddressesChanging the order of policies in a policy list Go to Firewall Address Adding addressesDeleting addresses Adding a firewall address Go to Firewall Address Group ServicesOrganizing addresses into address groups Adding an internal address group Grouping services Predefined servicesProviding access to custom services Go to Firewall Service Custom Creating one-time schedules Adding a service groupSchedules Go to Firewall Schedule One-time Adding a schedule to a policy Virtual IPsCreating recurring schedules Go to Firewall Schedule Recurring Static NAT Port Forwarding Adding static NAT virtual IPsGo to Firewall Virtual IP Using port forwarding virtual IPs Adding a static NAT virtual IP Adding a Port Forwarding virtual IP Adding policies with virtual IPsGo to Firewall Policy Ext Int Source IP pools Destination Schedule Service ActionAuthentication Log Traffic Web filter Go to Firewall IP/MAC Binding Static IP/MAC Go to Firewall IP/MAC Binding SettingIP/MAC binding Adding an IP Pool Configuring IP/MAC binding for packets going to the firewall Adding IP/MAC addresses Enabling IP/MAC binding IP/MAC settingsViewing the dynamic IP/MAC list Go to Firewall IP/MAC Binding Dynamic IP/MAC Adding user names and configuring authentication Users and authenticationSetting authentication time out Adding user names and configuring authentication Adding a user name DisableDeleting user names from the internal database Adding Radius servers Configuring Radius supportExample Radius configuration Deleting Radius servers Configuring user groups Adding user groups Deleting user groups Adding a user group IPSec VPNs Interoperability with IPSec VPN products Configuring AutoIKE key IPSec VPN See Adding a remote gateway Configuring a VPN concentrator for hub and spoke VPN Configuring manual key IPSec VPNConfiguring dialup VPN Configuring the VPN concentrator Configuring the member VPNs Configuring IPSec redundancy Local ID Adding a remote gatewayGo to VPN Ipsec Remote Gateway Adding a remote gateway Dialup User selected About dialup VPN authenticationNat-traversal Keepalive Frequency Main mode with no user group selected Local ID Empty About DH groupsAbout the P1 proposal Key Go to VPN Ipsec AutoIKE Key Adding an AutoIKE key VPN tunnelAbout NAT traversal Autokey Keep Alive Concentrator About the P2 proposalAbout replay detection Adding an AutoIKE key VPN tunnel Go to VPN Ipsec Manual Key Adding a manual key VPN tunnelAbout perfect forward secrecy PFS Adding a VPN concentrator Adding a manual key VPN tunnel Adding an encrypt policy Adding a VPN concentrator VPN Tunnel Allow inbound Go to Firewall Policy Int-ExtAdding an encrypt policy Viewing VPN tunnel status Allow outbound Inbound AutoIKE key tunnel status Testing a VPNViewing dialup VPN connection status Page Pptp VPN configuration Pptp and L2TP VPNs Pptp VPN between a Windows client and the DFL-500 NPG Configuring the DFL-500 NPG as a Pptp gatewayGo to VPN Pptp Pptp Range Example Pptp Range configuration Source Destination Service Action Go to VPN L2TP L2TP Range L2TP VPN configurationConfiguring the DFL-500 NPG as an L2TP gateway L2TP VPN between a Windows client and the DFL-500 NPG Sample L2TP address range configuration Blocking web pages that contain unwanted content Web content filteringEnabling web content Filtering Configuring content filtering Backing up and restoring the banned word list Changing the content block messageClearing the banned word list Go to Web Filter URL Block Blocking access to URLsConfiguring URL blocking Downloading the URL block list Clearing the URL block listChanging the URL block message Uploading a URL block list Go to Web Filter Script Filter Exempting URLs from content or URL blockingRemoving scripts from web pages Downloading the Exempt URL list Adding URLs to the Exempt URL ListClearing the Exempt URL list Go to Web Filter Exempt URL Uploading an Exempt URL list Logging and reporting Configuring LoggingGo to Log&Report Log setting Recording logs on a remote computer Selecting what to log Configuring alert emailExample log settings Configuring alert email Go to System Network DNS Administration System status Upgrading the DFL-500 NPG firmware Execute ping Enter File Name image.out Enter Tftp Server AddressEnter Local Address Restoring system settings to factory defaults Backing up system settingsRestoring system settings Displaying the DFL-500 NPG serial number Changing to Transparent mode System status monitor Restarting the DFL-500 NPGShutting down the DFL-500 NPG CPU usage Memory usage Up time Total Number of Sessions Network configurationSystem status monitor Protocol From IP From Port To IP To Port Expire Clear Configuring the internal interface Configuring the internal interfaceConfiguring the external interface Go to System Network Interface Configuring the external interface with a static IP address Configuring the external interface for PPPoE Configuring the external interface Https Ping SSH Snmp Setting DNS server addresses Configuring routingConfiguring the management interface Transparent mode Adding routing gateways Go to System Network Routing Table Adding a default routeAdding routes to the routing table Enabling RIP server support Configuring the routing tableAdding routes Transparent mode Go to System Network Routing Go to System Network Dhcp Providing Dhcp services to your internal networkDefault Route Exclusion Range Starting IP Ending IP Netmask Lease Duration Domain Example Dynamic IP list System configurationSample Dhcp settings Example date and time setting Setting system date and timeGo to System Config Time Changing web-based manager options Adding and editing administrator accountsGo to System Config Admin Read Write Only Configuring Snmp Go to System Config Snmp 100 Glossary 101 102 103 Index 104 CLI 105 Dhcp 106 Snmp 107 PFS 108 Transparent mode manual key Adding VPN tunnel IPSec VPN 109 NTP 110 Pptp 111 Smtp 112 VPN 113 IPSec VPN Remote Gateway user groups Deleting 114 115 Technical Support 116 Registration Card 117 118 Limited Warranty 119 120 121 Registration 122