In NAT/Route mode you can also create route mode policies between interfaces. Route mode policies accept
or deny connections between networks without performing address translation.
Transparent mode
Select Transparent Mode to provide firewall protection to a network with public addresses. There are no
restrictions on the addresses of the interfaces of the DFL-500. Therefore, the DFL-500 can be inserted into
your network at any point without the need to make changes to your network. In transparent mode, the DFL-
500 acts like a router.
In transparent mode, you create route mode policies to accept or deny connections between the internal and
external interface. You manage the DFL-500 by connecting to a transparent mode management interface
through the internal interface.
Changing to Transparent mode
Use the following procedure if you want to switch the DFL-500 from NAT/Route mode to Transparent mode.
Note
: Changing to Transparent mode deletes NAT/Route mode firewall policies and addresses and IPSec VPN
policies.
Using the web-based manager:
·
Go to
Firewall > Mode
.
·
Select Transparent.
·
Select Apply.
·
Select OK.
·
To reconnect to the web-based manager:
Connect to the internal interface and browse to https:// followed by the transparent mode management IP
address. The default transparent mode Management IP address is 192.168.1.99.
Changing to NAT/Route mode
Use the following procedure if you want to switch the DFL-500 from Transparent mode to NAT/Route mode.
Note
: Changing to NAT/Route mode deletes all Transparent mode firewall policies and addresses.
Using the web-based manager:
·
Go to
Firewall > Mode
.
·
Select NAT/Route.
·
Select Apply.
The DFL-500 changes operation mode.
·
To reconnect to the web-based manager, browse to the interface that you have configured for
management access using https:// followed by the IP address of the interface.
Changing the policy mode between interfaces
If the firewall is running in NAT/Route mode, you can configure the policy mode for connections between the
internal and external interface. The default policy mode is NAT.
DFL-500 User Manual
30