D-Link DFL-700 guide

Image 139

D-Link DFL-700 manual

Contents

Link DFL-700 Contents Firewall Servers Status 132 129 Introduction to Firewalls Features and BenefitsAccess Control supported Introduction Introduction to Local Area Networking Physical Connections LEDs System Requirements Package Contents Managing D-Link DFL-700 Resetting the DFL700 Administrative Access Administration Settings Add Admin access to an interface Add ping access to an interface Enable Snmp access to an interface Add Read-only access to an interface Interfaces SystemChange IP of the LAN or DMZ interface WAN Interface Settings Using Dhcp WAN Interface Settings Using Static IPIP Address The IP address of the WAN interface. This is Password WAN Interface Settings Using PPPoE WAN Interface Settings Using Pptp Password The password supplied to you by your ISP WAN Interface Settings Using BigPondTraffic Shaping MTU Configuration Routing Remove a Static Route Add a new Static RouteGo to System and Routing Logging Enable Audit Logging Enable LoggingEnable E-mail alerting for ISD/IDP events Page Time Checking the Set the system time box Using NTP to sync timeSetting time and date manually Changing time zone Action Types FirewallPolicy Policy modes Intrusion Detection / Prevention Service FilterSource and Destination Filter Schedule Traffic Shaping Add a new policy Change order of policy Configure Intrusion DetectionEnable the Delete policy checkbox Enable the Intrusion Detection / Prevention checkbox Configure Intrusion Prevention Add a new mapping Port mapping / Virtual Servers Delete mapping Enable the Delete mapping checkbox Add Administrative User Administrative users Change Administrative User Password Change Administrative User Access levelEnable the Change password checkbox Enable the Delete user checkbox Delete Administrative User DFL-700 Radius Support Users Enable Radius Support Enable User Authentication via Http / Https Add User Change User Password Delete User Add new recurring schedule Schedules Adding TCP, UDP or TCP/UDP Service Services Adding IP Protocol Grouping Services Protocol-independent settings Introduction to IPsec VPN Introduction to L2TP Introduction to PptpPoint-to-Point Protocol MPPE, Microsoft Point-To-Point Encryption Authentication Protocols L2TP/PPTP Clients Authentication protocol L2TP/PPTP Servers Authentication Protocol Introduction chapter Mppe encryption Creating a LAN-to-LAN IPSec VPN Tunnel VPN between two networks Creating a Roaming Users IPSec VPN Tunnel VPN between client and an internal network Adding a L2TP/PPTP VPN Server Adding a L2TP/PPTP VPN Client VPN Advanced Settings IKE Proposal List Proposal ListsIPSec Proposal List Certificates of remote peers CertificatesTrusting Certificates Local identities Identities Certificate Authorities Active content handling Content Filtering Edit the URL Global Whitelist Edit the URL Global Blacklist Active content handling Servers Dhcp Server Settings Enable by checking the Use built-in Dhcp Server box Enable Dhcp ServerEnable Dhcp Relay Disable Dhcp Server/Relayer Enable DNS Relayer DNS Relayer SettingsEnable by checking the Enable DNS Relayer box Disable DNS Relayer Ping ToolsPing Example Dynamic DNS Add Dynamic DNS Settings Exporting the DFL-700’s Configuration BackupRestoring the DFL-700’s Configuration Restoring system settings to factory defaults Restart/ResetRestarting the DFL-700 Page Upgrade Firmware UpgradeUpgrade IDS Signature-database System StatusCPU Load Interfaces VPN Connections Dhcp Server Users Conn events How to read the logsUsage events Drop events Close Example Open Example Step by step guides LAN IP 192.168.4.1, Subnet mask LAN-to-LAN VPN using IPsecLocal net 192.168.4.0/24 Remote Net 192.168.1.0/24 Enable Automatically add a route for the remote network Local net 192.168.1.0/24 LAN IP 192.168.1.1, Subnet mask Remote Net 192.168.4.0/24 LAN-to-LAN VPN using Pptp Username BranchOffice Click Activate and wait for the firewall to restart Settings for Main office Page Under Users in local database click Add new Select Local databasePage LAN-to-LAN VPN using L2TP Username BranchOffice Check Use IPsec encryption Settings for Main office Page Select Local database Under Users in local database click Add new More secure LAN-to-LAN VPN solution Page Page Settings for Main office Windows XP client and Pptp server Settings for the Windows XP client Select Connect to the network at my workplace and click Next Select Virtual Private Network connection and click Next Name the connection MainOffice and click Next 108 Select Do not dial the initial connection and click Next Page Click Properties Page Setup interfaces, System-Interfaces WAN IP193.0.2.20 Page Windows XP client and L2TP server 116 Settings for Main office Page Content filtering Select HTTP/HTML Content Filtering in the ALG dropdown Firewall-ServicesPage Page Intrusion detection and prevention Page Check Enable E-mail alerting for IDS/IDP events Traffic shaping Limit bandwidth to a service Guarantee bandwidth to a service Page Appendix a Icmp Types and Codes AppendixesPage ESP Appendix B Common IP Protocol Numbers Limited Warranty What Is Not Covered Wichtige Sicherheitshinweise Attenzione CE Mark WarningWarnung Advertencia de Marca de la CE Vcci Warning Offices 138 Page 140