Organizing addresses into address groups

You can organize related addresses into address groups to make it easier to add policies. For example, if you add three addresses, and then add them to an address group, you only have to add one policy for the address group rather than three separate policies, one for each address.

You can add address groups to both interfaces. The address group can only contain addresses from that interface. Address groups are available in interface source or destination address lists.

Address groups cannot have the same names as individual addresses. If an address group is included in a policy, it cannot be deleted unless it is first removed from the policy.

Go to Firewall > Address > Group .

Select the interface list to which to add the address group: New Int Group, or New Ext Group.

Adding an internal address group

Enter a Group Name to identify the address group.

The name can contain numbers (0-9), uppercase and lowercase letters (A-Z, a-z), and the special characters - and _. Other special characters and spaces are not allowed.

To add addresses to the address group, select an address from the Available Addresses list and select the right arrow to add it to the Members list.

To remove addresses from the address group, select an address from the Members list and select the left arrow to remove it from the group.

Select OK to add the address group.

Services

Use services to control the types of communication accepted or denied by the firewall. You can add any of the predefined services to a policy. You can also create your own custom services and add services to service groups.

This section describes:

DFL-500 User Manual

32

 

Page 32
Image 32
D-Link DFL-500 user manual Services, Organizing addresses into address groups, Go to Firewall Address Group