Example Pptp Range configuration | D-Link DFL-500 specs

Example PPTP Range configuration

When using a RADIUS server for user authentication, PPTP and L2TP encryption is not supported and you should not select Require data encryption when configuring Windows clients for PPTP or L2TP.

•Add the addresses from the PPTP address range to the external interface address list. The addresses can be grouped into an external address group.

•Add the addresses to which PPTP users can connect to the internal interface. The addresses can be grouped into an address group.

•Add an Ext ->Int policy to allow PPTP clients to connect through the DFL-500 NPG. Configure the policy as follows:

Source Destination

Service

Action

NAT

The address group that matches the PPTP address range.

The address to which PPTP users can connect.

The service that matches the traffic type inside the PPTP VPN tunnel. For example, if PPTP users can access a web server, select HTTP.

ACCEPT

Select NAT if address translation is required.

You can also configure traffic shaping, logging, and web filter settings for PPTP policies. For information about adding firewall policies, see Adding NAT/Route mode policies.

DFL-500 User Manual	68

Image 68

D-Link DFL-500 user manual Example Pptp Range configuration, Source Destination Service Action

Contents

Link DFL-500 Regulatory Compliance Table of Contents Firewall configuration IPSec VPNs Logging and reporting Page NAT/Route mode and Transparent mode NAT/Route modeTransparent mode Introduction DFL-500 QuickStart Guide DFL-500 CLI Reference Guide Customer service and technical supportFor more information Mounting Package contentsGetting started Powering on Initial configuration Connecting to the web-based manager Bits per second Connecting to the command line interface CLIDFL-500 login Stop bits Flow control Next stepsData bits Parity NAT/Route mode settings NAT/Route mode installationPreparing to configure NAT/Route mode Using the setup wizard Using the command line interfaceStarting the setup wizard Reconnecting to the web-based manager Connecting to your networks Set system route number 1 gw1 Configuring your internal network Completing the configurationSetting the date and time DFL-500 NPG network connections Transparent mode installation Preparing to configure Transparent modeChanging to Transparent mode Transparent mode settings Administrator Password Configuring the Transparent mode management IP address Set system management ip 10.10.10.2 Configure the Transparent mode default gateway Setting the date and timeConnecting to your network DFL-500 network connections Firewall configuration Default policy Go to Firewall Policy Adding NAT/Route mode policiesChanging to NAT/Route mode Source Destination Schedule Service Action AuthenticationDynamic IP Pool Fixed Port VPN Tunnel Content filtering Web filter Adding a NAT/Route Int -Ext policy Adding Transparent mode policiesSource Destination Schedule Service Log Traffic Authentication Web filter Policy matching in detail Configuring policy listsAdding a Transparent mode Int -Ext policy Enabling and disabling policies AddressesChanging the order of policies in a policy list Adding addresses Deleting addressesGo to Firewall Address Adding a firewall address Services Organizing addresses into address groupsGo to Firewall Address Group Adding an internal address group Predefined services Providing access to custom servicesGrouping services Go to Firewall Service Custom Adding a service group SchedulesCreating one-time schedules Go to Firewall Schedule One-time Virtual IPs Creating recurring schedulesAdding a schedule to a policy Go to Firewall Schedule Recurring Static NAT Port Forwarding Adding static NAT virtual IPsGo to Firewall Virtual IP Using port forwarding virtual IPs Adding a static NAT virtual IP Adding policies with virtual IPs Go to Firewall Policy Ext IntAdding a Port Forwarding virtual IP Source IP pools Destination Schedule Service ActionAuthentication Log Traffic Web filter Go to Firewall IP/MAC Binding Setting IP/MAC bindingGo to Firewall IP/MAC Binding Static IP/MAC Adding an IP Pool Configuring IP/MAC binding for packets going to the firewall Adding IP/MAC addresses IP/MAC settings Viewing the dynamic IP/MAC listEnabling IP/MAC binding Go to Firewall IP/MAC Binding Dynamic IP/MAC Users and authentication Setting authentication time outAdding user names and configuring authentication Adding user names and configuring authentication Adding a user name DisableDeleting user names from the internal database Configuring Radius support Example Radius configurationAdding Radius servers Deleting Radius servers Configuring user groups Adding user groups Deleting user groups Adding a user group IPSec VPNs Interoperability with IPSec VPN products Configuring AutoIKE key IPSec VPN See Adding a remote gateway Configuring a VPN concentrator for hub and spoke VPN Configuring manual key IPSec VPNConfiguring dialup VPN Configuring the VPN concentrator Configuring the member VPNs Configuring IPSec redundancy Local ID Adding a remote gatewayGo to VPN Ipsec Remote Gateway Adding a remote gateway Dialup User selected About dialup VPN authenticationNat-traversal Keepalive Frequency Main mode with no user group selected About DH groups About the P1 proposalLocal ID Empty Key Go to VPN Ipsec AutoIKE Key Adding an AutoIKE key VPN tunnelAbout NAT traversal About the P2 proposal About replay detectionAutokey Keep Alive Concentrator Adding an AutoIKE key VPN tunnel Go to VPN Ipsec Manual Key Adding a manual key VPN tunnelAbout perfect forward secrecy PFS Adding a VPN concentrator Adding a manual key VPN tunnel Adding an encrypt policy Adding a VPN concentrator VPN Tunnel Allow inbound Go to Firewall Policy Int-ExtAdding an encrypt policy Viewing VPN tunnel status Allow outbound Inbound AutoIKE key tunnel status Testing a VPNViewing dialup VPN connection status Page Pptp VPN configuration Pptp and L2TP VPNs Pptp VPN between a Windows client and the DFL-500 NPG Configuring the DFL-500 NPG as a Pptp gatewayGo to VPN Pptp Pptp Range Example Pptp Range configuration Source Destination Service Action L2TP VPN configuration Configuring the DFL-500 NPG as an L2TP gatewayGo to VPN L2TP L2TP Range L2TP VPN between a Windows client and the DFL-500 NPG Sample L2TP address range configuration Web content filtering Enabling web content FilteringBlocking web pages that contain unwanted content Configuring content filtering Backing up and restoring the banned word list Changing the content block messageClearing the banned word list Go to Web Filter URL Block Blocking access to URLsConfiguring URL blocking Clearing the URL block list Changing the URL block messageDownloading the URL block list Uploading a URL block list Go to Web Filter Script Filter Exempting URLs from content or URL blockingRemoving scripts from web pages Adding URLs to the Exempt URL List Clearing the Exempt URL listDownloading the Exempt URL list Go to Web Filter Exempt URL Uploading an Exempt URL list Configuring Logging Go to Log&Report Log settingLogging and reporting Recording logs on a remote computer Selecting what to log Configuring alert emailExample log settings Configuring alert email Go to System Network DNS Administration System status Upgrading the DFL-500 NPG firmware Execute ping Enter File Name image.out Enter Tftp Server AddressEnter Local Address Backing up system settings Restoring system settingsRestoring system settings to factory defaults Displaying the DFL-500 NPG serial number Changing to Transparent mode System status monitor Restarting the DFL-500 NPGShutting down the DFL-500 NPG Network configuration System status monitorCPU usage Memory usage Up time Total Number of Sessions Protocol From IP From Port To IP To Port Expire Clear Configuring the internal interface Configuring the external interfaceConfiguring the internal interface Go to System Network Interface Configuring the external interface with a static IP address Configuring the external interface for PPPoE Configuring the external interface Https Ping SSH Snmp Configuring routing Configuring the management interface Transparent modeSetting DNS server addresses Adding routing gateways Go to System Network Routing Table Adding a default routeAdding routes to the routing table Configuring the routing table Adding routes Transparent modeEnabling RIP server support Go to System Network Routing Providing Dhcp services to your internal network Default Route Exclusion RangeGo to System Network Dhcp Starting IP Ending IP Netmask Lease Duration Domain Example Dynamic IP list System configurationSample Dhcp settings Example date and time setting Setting system date and timeGo to System Config Time Adding and editing administrator accounts Go to System Config AdminChanging web-based manager options Read Write Only Configuring Snmp Go to System Config Snmp 100 Glossary 101 102 103 Index 104 CLI 105 Dhcp 106 Snmp 107 PFS 108 Transparent mode manual key Adding VPN tunnel IPSec VPN 109 NTP 110 Pptp 111 Smtp 112 VPN 113 IPSec VPN Remote Gateway user groups Deleting 114 115 Technical Support 116 Registration Card 117 118 Limited Warranty 119 120 121 Registration 122