D-Link DFL-700 - Security Appliance Manual Download Page 101

Page: 101 / 141

A more secure LAN-to-LAN VPN solution

Go get a more secure solution, policies should be created instead of allowing all traffic

between the two offices. The following steps will show how to enable some common services.
In this example we have a mail server, ftp server and a web server (intranet) in the main office
that we want to access from the branch office.

Settings for Branch office

Setup policies for the new tunnel,

Firewall->Policy:

Click

Global policy parameters

Disable

Allow all VPN traffic: internal->VPN, VPN->internal and VPN->VPN

Click

Apply

Now is it possible to create policies for the VPN interfaces. Select from

LAN

toMainOffice

and click

Show

Click

Add new

to create the first rule

Summary of Contents for DFL-700 - Security Appliance

Page 1: ...D Link DFL 700 Network Security Firewall Manual Building Networks for People Ver 1 02 20050419...

Page 2: ...access to an interface 14 Enable SNMP access to an interface 14 System 15 Interfaces 15 Change IP of the LAN or DMZ interface 15 WAN Interface Settings Using Static IP 16 WAN Interface Settings Using...

Page 3: ...rs 36 Add Administrative User 36 Change Administrative User Access level 37 Change Administrative User Password 37 Delete Administrative User 38 Users 39 The DFL 700 RADIUS Support 39 Enable User Auth...

Page 4: ...E Mode 56 IKE DH Group 56 PFS Perfect Forward Secrecy 56 NAT Traversal 56 Keepalives 56 Proposal Lists 57 IKE Proposal List 57 IPSec Proposal List 57 Certificates 58 Trusting Certificates 58 Local ide...

Page 5: ...s 75 VPN 76 Connections 77 DHCP Server 78 Users 79 How to read the logs 80 USAGE events 80 DROP events 80 CONN events 80 Step by step guides 82 LAN to LAN VPN using IPsec 83 Settings for Branch office...

Page 6: ...15 Settings for Main office 117 Content filtering 119 Intrusion detection and prevention 123 Traffic shaping 126 Limit bandwidth to a service 126 Limit bandwidth to one or more IP addresses 126 Guaran...

Page 7: ...ized access to or from your network A firewall can be a computer using firewall software or a special piece of hardware built specifically to act as a firewall In most circumstances a firewall is used...

Page 8: ...have a Network Interface Card NIC which communicates the data between computers A NIC is usually a 10Mbps network card a 10 100Mbps network card or a wireless network card Most networks use hardware d...

Page 9: ...Serial access to the firewall software 9600 8bit None Parity 1Stop bit DMZ Port Use this port to connect to the company s server s which needs direct connection to the Internet FTP SNMP HTTP DNS Inte...

Page 10: ...ting than the one included with the DFL 700 will cause damage and void the warranty for this product If any of the above items are missing please contact your reseller System Requirements Computer wit...

Page 11: ...ed to login again This have to be done before a configurable timeout has been reached this can be set on the Activate Configuration Changes page by choosing the time from the dropdown menu Resetting t...

Page 12: ...DFL 700 and change configuration can be HTTPS or HTTP and HTTPS Read Only If enabled allows all users with read only access to connect to the DFL 700 and look at the configuration can be HTTPS or HTT...

Page 13: ...to an interface To add admin access click on the interface you would like to add it to Only users with the administrator rights can login on an interfaces where there is only admin access enabled Foll...

Page 14: ...for a range Step 4 Specify protocol used to access the DFL 700 from the dropdown menu either HTTP and HTTPS Secure HTTP or only HTTPS Click the Apply button below to apply the setting or click Cancel...

Page 15: ...e to view or change under the Available interfaces list Step 2 Fill in the IP address of the LAN or DMZ interface These are the address that will be used to ping the firewall remotely control it and u...

Page 16: ...ddress of the WAN interface This is the address that may be used to ping the firewall remotely control it and be used as source address for dynamically translated connections Subnet Mask Size of the e...

Page 17: ...address of the external interface You will have to fill the username and password provided to you by your ISP Username The login or username supplied to you by your ISP Password The password supplied...

Page 18: ...r ISP PPTP Server IP The IP of the PPTP server that the DFL 700 should connect to Before PPTP can be used to connect to you ISP the physical WAN interface parameters need to be supplied it s possible...

Page 19: ...700 For example the policy for the web server might be given higher priority than the policies for most employees computers You can use traffic shaping to guarantee the amount of bandwidth available t...

Page 20: ...down transmission speeds Trial and error is the only sure way of finding the optimal MTU but there are some guidelines that can help For example the MTU of many PPP connections is 576 so if you connec...

Page 21: ...to the firewall interface no gateway address is specified Local IP Address The IP address specified here will be automatically published on the corresponding interface This address will also be used...

Page 22: ...s network is behind a remote gateway enable the checkbox Network is behind remote gateway and specify the IP of that gateway Click the Apply button below to apply the setting or click Cancel to discar...

Page 23: ...its activities by sending the log data to one or two log receivers in the network All logging is done to Syslog recipients The log format used for syslog logging is suitable for automated processing...

Page 24: ...rewall follow the sets below and the firewall will start logging all traffic trough the firewall this is needed for running third party log analyzers on the logs and to see how much traffic different...

Page 25: ...ed in the usual logs if IDS is enabled for any of the rules For more information about how to enable intrusion detection and prevention on a policy or port mapping read more under Policies and Port Ma...

Page 26: ...lick on System in the menu bar and then click Time below it This will give you the option to either set the system time by syncing to an Internet Network Time Server NTP or by entering the system time...

Page 27: ...nc to an Internet Time Server Step 1 Enable synchronization by checking the Enable NTP box Step 2 Enter the Server IP Address or Server name with which you want to synchronize Click the Apply button b...

Page 28: ...network to the dmz interface and a public network such as the Internet to the external interface Then you can create NAT mode policies to accept or deny connections between these networks NAT mode pol...

Page 29: ...d on either the TCP or the UDP protocol The following is used when making a custom service Custom source destination ports For many services a single destination port is sufficient The source port mos...

Page 30: ...n the network not the applications be responsible for network traffic control in well defined choke points Traffic shaping works by measuring and queuing IP packets in transit with respect to a number...

Page 31: ...y or write Any for any authenticated user If it s left blank there is no need for authentication for the policy Destination Nets Specifies the span of IP addresses to be compared to the destination IP...

Page 32: ...policy Step 1 Choose the policy list you would like do delete the policy in from the available policy lists Step 2 Click on the Edit link on the rule you want to delete Step 3 Enable the Delete policy...

Page 33: ...ve IDP on Step 2 Click on the Edit link on the rule you want to delete Step 3 Enable the Intrusion Detection Prevention checkbox Step 4 Choose Prevention from the mode drop down list Step 5 Enable the...

Page 34: ...wing values Name Specifies a symbolic name for the rule This name is used mainly as a rule reference in log data and for easy reference in the policy list Source Nets Specify the source networks leave...

Page 35: ...ose the mapping list WAN LAN or DMZ you would like do delete the mapping from Step 2 Click on the Edit link on the rule you want to delete Step 3 Enable the Delete mapping checkbox Click the Apply but...

Page 36: ...users in each access level Add Administrative User Follow these steps to add a new administrative user Step 1 Click on add after the type of user you would like to add Admin or Read only Step 2 Fill i...

Page 37: ...ike to change level of Step 2 Choose the appropriate level from the drop down menu Click the Apply button below to apply the setting or click Cancel to discard changes Change Administrative User Passw...

Page 38: ...these steps to delete an Administrative User Step 1 Click on the user you would like to change level of Step 2 Enable the Delete user checkbox Click the Apply button below to apply the setting or cli...

Page 39: ...t end to other authentication services The DFL 700 RADIUS Support The DFL 700 can use RADIUS to verify users against for example Active Directory or Unix password file It is possible to configure up t...

Page 40: ...for the management WebUI to listen on as the user authentication will use the same ports as the management WebUI is using Click the Apply button below to apply the setting or click Cancel to discard...

Page 41: ...and password can contain numbers 0 9 and upper and lower case letters A Z a z Special characters and spaces are not allowed Change User Password To change the password of a user click on the user nam...

Page 42: ...w these steps to delete a user Step 1 Click on the user you would like to change level of Step 2 Enable the Delete user checkbox Click the Apply button below to apply the setting or click Cancel to di...

Page 43: ...o access the Internet during work hours Therefore one may create a schedule to allow the firewall to allow traffic Monday Friday 8AM 5PM only During the non work hours the firewall will not allow Inte...

Page 44: ...ing source ports 1024 65535 and destination ports 80 82 90 92 95 In this case a TCP or UDP packet with the destination port being one of 80 81 82 90 91 92 or 95 and the source port being in the range...

Page 45: ...al characters and spaces are allowed Step 3 Select IP Protocol Step 4 Specify a comma separated list of IP protocols Click the Apply button below to apply the change or click Cancel to discard changes...

Page 46: ...xisting connection Check this option to enable this feature for connections using this service ALG Like other stateful inspection based firewalls DFL 700 filters on information found in packet headers...

Page 47: ...onnections by defining a set of Security Associations SAs for each connection SAs are unidirectional so there will be at least two SAs per IPSec connection The other part is the actual IP data being t...

Page 48: ...his is often encapsulated in IPSec for encryption instead of using MPPE Point to Point Protocol PPP Point to Point Protocol is a standard for transporting datagram s over point to point links It is us...

Page 49: ...password is used to create the one way MD5 hash That means that CHAP requires passwords to be stored in a reversibly encrypted form MS CHAP v1 MS CHAP v1 Microsoft Challenge Handshake Authentication P...

Page 50: ...PPTP L2TP Server To connect to Dial on demand is used when the tunnel should only be used when needed if diabled the tunnel will always try to be up Authentication protocol Specify if and what authent...

Page 51: ...ver will use as IP address pool to give out IP addresses to the clients from Primary Secondary DNS IP of the primary and secondary DNS servers Primary Secondary WINS IP of the Windows Internet Name Se...

Page 52: ...If MPPE encryption is going to be used this is where the encryption level is configured If L2TP or PPTP over IPSec is going to be used it has to be enabled and configured to either use a Pre Shared Ke...

Page 53: ...DMZ networks The networks at the ends of the VPN tunnel are selected when you configure the VPN policy Creating a LAN to LAN IPSec VPN Tunnel Follow these steps to add LAN to LAN Tunnel Step 1 Go to...

Page 54: ...steps to add a roaming users tunnel Step 1 Go to Firewall and VPN and choose Add new in the IPSec tunnels section Step 2 Enter a Name for the new tunnel in the name field The name can contain numbers...

Page 55: ...Client choose authentication type either PSK Pre shared Key or Certificate based Click the Apply button below to apply the change or click Cancel to discard changes Adding a L2TP PPTP VPN Server Follo...

Page 56: ...crecy is enabled a new Diffie Hellman exchange is performed for each phase 2 negotiation While this is slower it makes sure that no keys are dependent on any other previously used keys no keys are ext...

Page 57: ...PN gateway one after another until a matching proposal is found IKE Proposal List Cipher Specifies the encryption algorithm used in this IKE proposal Supported algorithms are AES 3DES DES Blowfish Two...

Page 58: ...e signatures of all certificates in the certification path Fetch the CRL for each certificate to verify that none of the certificates have been revoked Local identities This is a list of all the local...

Page 59: ...onfigured Identity lists An Identity list can be used on the VPN page to limit inbound VPN access from this list of known identities Normally a VPN tunnel is established if the certificate of the remo...

Page 60: ...xample com and example com to catch the domain name by itself as well as variants with prefixed host names www without having the filter trigger on domains ending with the same text Note For HTTP URL...

Page 61: ...ve a url Step 1 Go to Firewall and Content Filtering and choose Edit global URL whitelist Step 2 Add edit or remove the URL that should never be checked with the Content Filtering Click the Apply butt...

Page 62: ...and choose Edit global URL blacklist Step 2 Add edit or remove the URL that should be checked with the Content Filtering Click the Apply button below to apply the change or click Cancel to discard cha...

Page 63: ...ould like to strip For example to strip ActiveX and Flash enable the checkbox named Strip ActiveX objects It s possible to strip ActiveX Flash Java JavaScript and VBScript it s also possible to block...

Page 64: ...y address DNS Servers WINS Servers Domain name The DFL 700 DHCP Server assigns and manages IP addresses from specified address pools within the firewall to the DHCP clients Note Leases are remembered...

Page 65: ...click Cancel to discard changes Enable DHCP Relay To enable the DHCP Relay on an interface click on Servers in the menu bar and then click DHCP Server below it Follow these steps to enable the DHCP R...

Page 66: ...wall itself Enable DNS Relayer Follow these steps to enable the DNS Relayer Step 1 Enable by checking the Enable DNS Relayer box Step 2 Enter the IP numbers that the DFL 700 should listen for DNS quer...

Page 67: ...ble DNS Relayer Follow these steps to disable the DNS Relayer Step 1 Disable by un checking the Enable DNS Relayer box Click the Apply button below to apply the setting or click Cancel to discard chan...

Page 68: ...Echo Requests to Number of packets Number of ICMP Echo Request packets to send up to 10 Packet size Size of the packet to send between 32 and 1500 bytes Ping Example In this example the IP Address is...

Page 69: ...s menu to enter Dynamic DNS configuration The firewall provides a list of a few predefined DynDNS service providers users have to register with one of these providers before trying to use this functio...

Page 70: ...ng the DFL 700 s Configuration Follow these steps to export the configuration Step 1 Under the Tools menu and the Backup section click on the Download configuration button Step 2 When the File Downloa...

Page 71: ...se the following procedure to restore system settings to the values set at the factory This procedure will possibly change the DFL 700 firmware version to lower version if it has been upgraded This pr...

Page 72: ...Factory Defaults button Step 2 Click OK in the dialog to reset the unit to factory default or press Cancel to cancel You can restore your system settings by uploading a previously downloaded system c...

Page 73: ...e file name of the newest version of the firmware then click Upload firmware image The updating process won t overwrite the system configuration so it is not necessary but still a good idea to backup...

Page 74: ...rmation about the DFL 700 Uptime The time the firewall have been running since the last reboot or start CPU Load Percentage of cpu used Connections Number of current connections trough the firewall Fi...

Page 75: ...r DMZ Interface Name of the interface shown LAN WAN or DMZ Link status Displays what link the current interface has the speed can be 10 or 100 Mbps and the duplex can be Half or Full MAC Address MAC a...

Page 76: ...tion about the first VPN tunnel will be show to see another one click on that VPN tunnels name The two graphs display the send and receive rate trough the selected VPN tunnel during the last 24 hours...

Page 77: ...eives packets from each end of the connection The value shown in the Timeout column is the lower of the two values Possible values in the State column include TPC_CLOSE TCP_OPEN SYN_RECV FIN_RECV and...

Page 78: ...plays the configured ranges of IP s that are given out as DHCP leases Usage Display how much of the IP range is give out to DHCP clients Active leases are the current computers using this DHCP server...

Page 79: ...s logged in on PPTP and L2TP servers will be listed here Users can be forced to log out by clicking logout Currently recognized privileges all users and groups that are used in policies are listed her...

Page 80: ...s and amount of traffic Example Oct 20 2003 09 45 23 gateway EFW USAGE conns 1174 if0 core ip0 127 0 0 1 tp0 0 00 if1 wan ip1 192 168 10 2 tp1 11 93 if2 lan ip2 192 168 0 1 tp2 13 27 if3 dmz ip3 192 1...

Page 81: ...om 192 168 0 10 on the LAN interface is connecting to 64 7 210 132 on port 80 on the WAN side of the firewall internet Another event is generated when the connection is closed The information included...

Page 82: ...swords used in these examples are not recommended for real life use Passwords and keys should be chosen so that they are impossible to guess or find out by eg a dictionary attack In these guides for e...

Page 83: ...ces System Interfaces WAN IP 193 0 2 10 LAN IP 192 168 4 1 Subnet mask 255 255 255 0 2 Setup IPsec tunnel Firewall VPN Under IPsec tunnels click Add new Name the tunnel ToMainOffice Local net 192 168...

Page 84: ...192 168 1 0 24 Remote Gateway 194 0 2 20 Enable Automatically add a route for the remote network Click Apply 3 Setup policies for the new tunnel Firewall Policy Click Global policy parameters Enable...

Page 85: ...ces System Interfaces WAN IP 193 0 2 20 LAN IP 192 168 1 1 Subnet mask 255 255 255 0 2 Setup IPsec tunnel Firewall VPN Under IPsec tunnels click add new Name the tunnel ToBranchOffice Local net 192 16...

Page 86: ...tup policies for the new tunnel Firewall Policy Click Global policy parameters Enable Allow all VPN traffic internal VPN VPN internal and VPN VPN Click Apply 4 Click Activate and wait for the firewall...

Page 87: ...gs for Branch office 1 Setup interfaces System Interfaces WAN IP 193 0 2 10 LAN IP 192 168 4 1 Subnet mask 255 255 255 0 2 Setup PPTP client Firewall VPN Under PPTP L2TP clients click Add new PPTP cli...

Page 88: ...e You should use a password that is hard to guess Retype password 1234567890 Interface IP leave blank Remote gateway 192 0 2 20 Remote net 192 168 1 0 24 Dial on demand leave unchecked Under authentic...

Page 89: ...Leave Use IPsec encryption unchecked Click Apply 3 Setup policies for the new tunnel Firewall Policy Click Global policy parameters Enable Allow all VPN traffic internal VPN VPN internal and VPN VPN C...

Page 90: ...55 255 255 0 2 Setup PPTP server Firewall VPN Under L2TP PPTP Server click Add new PPTP server Name the server pptpServer Leave Outer IP and Inner IP blank Set client IP pool to 192 168 1 100 192 168...

Page 91: ...MPPE encryption 128 bit should be the only checked option Leave Use IPsec encryption unchecked Click Apply 3 Setup policies for the new tunnel Firewall Policy Click Global policy parameters Enable Al...

Page 92: ...rs Under Users in local database click Add new Name the new user BranchOffice Enter password 1234567890 Retype password 1234567890 Leave static client IP empty could also be set to eg 192 168 1 200 If...

Page 93: ...Click Activate and wait for the firewall to restart This example will allow all traffic between the two offices To get a more secure solution read the A more secure LAN to LAN VPN solution section in...

Page 94: ...ings for Branch office 1 Setup interfaces System Interfaces WAN IP 193 0 2 10 LAN IP 192 168 4 1 Subnet mask 255 255 255 0 2 Setup L2TP client Firewall VPN Under L2TP PPTP client click Add new L2TP cl...

Page 95: ...Note You should use a password that is hard to guess Retype password 1234567890 Interface IP leave blank Remote gateway 192 0 2 20 Remote net 192 168 1 0 24 Dial on demand leave unchecked Under authe...

Page 96: ...ryption Enter key 1234567890 Note You should use a key that is hard to guess Retype key 1234567890 Click Apply 3 Setup policies for the new tunnel Firewall Policy Click Global policy parameters Enable...

Page 97: ...2 20 LAN IP 192 168 1 1 Subnet mask 255 255 255 0 2 Setup L2TP server Firewall VPN Under L2TP PPTP Server click Add new L2TP server Name the server l2tpServer Leave Outer IP and Inner IP blank Set cl...

Page 98: ...ication MSCHAPv2 should be the only checked option Under MPPE encryption None should be the only checked option Check Use IPsec encryption Enter key 1234567890 Note You should use a key that is hard t...

Page 99: ...the new tunnel Firewall Policy Click Global policy parameters Enable Allow all VPN traffic internal VPN VPN internal and VPN VPN Click Apply 4 Set up authentication source Firewall Users Select Local...

Page 100: ...empty could also be set to eg 192 168 1 200 If no IP is set here the IP pool from the L2TP server settings are used Set Networks behind user to 192 168 4 0 24 Click Apply 6 Click Activate and wait fo...

Page 101: ...erver ftp server and a web server intranet in the main office that we want to access from the branch office Settings for Branch office 1 Setup policies for the new tunnel Firewall Policy Click Global...

Page 102: ...he new rule Name the new rule allow_pop3 Select action Allow Select service pop3 Select schedule Always We don t want any Intrusion detection or traffic shaping for now so leave these options unchecke...

Page 103: ...4 to create services named allow_imap allow_ftp and allow_http The services for these policies should be imap ftp_passthrough and http The policy list for LAN toMainOffice should now look like this 6...

Page 104: ...ic internal VPN VPN internal and VPN VPN Click Apply 2 Now is it possible to create policies for the VPN interfaces Select from toBranchOffice to LAN and click Show 3 Create same 4 policy rules as was...

Page 105: ...ng the Category view click on the Network and Internet Connections icon Then click Create a connection to the network on your workplace and continue to step 6 If you are using the Classic view click o...

Page 106: ...106 5 Select Connect to the network at my workplace and click Next...

Page 107: ...6 Select Virtual Private Network connection and click Next...

Page 108: ...108 7 Name the connection MainOffice and click Next...

Page 109: ...8 Select Do not dial the initial connection and click Next...

Page 110: ...110 9 Type the IP address to the server 194 0 2 20 and click Next 10 Click Finish...

Page 111: ...11 Type user name HomeUser and password 1234567890 Note You should use a password that is hard to guess 12 Click Properties...

Page 112: ...working tab and change Type of VPN to PPTP VPN Click OK All settings needed for the XP client is now done When we have set up the server on the firewall you can click Connect to establish the connecti...

Page 113: ...Leave WINS settings blank Under authentication MSCHAPv2 should be the only checked option Under MPPE encryption 128 bit should be the only checked option Leave Use IPsec encryption unchecked Click Ap...

Page 114: ...PPTP server settings are used Click Apply 6 Click Activate and wait for the firewall to restart This example will allow all traffic from the client to the main office network To get a more secure solu...

Page 115: ...ar to the PPTP setup above Settings for the Windows XP client To setup a L2TP connection from Windows XP to the Main office firewall you can follow the steps in the PPTP guide above for the client sid...

Page 116: ...116 2 Select the Security tab and click IPsec Settings 3 Check Use pre shared key for authentication type the key and click OK...

Page 117: ...r authentication MSCHAPv2 should be the only checked option Under MPPE encryption None should be the only checked option Check the Use IPsec encryption box Enter the pre shared key 1234567890 and rety...

Page 118: ...PPTP server settings are used Click Apply 6 Click Activate and wait for the firewall to restart This example will allow all traffic from the client to the main office network To get a more secure solu...

Page 119: ...or trusted can be added to the whitelist by clicking Edit global URL whitelist To enable all subdomains of eg google com eg gmail google com and all possible pages on that site enter google com in thi...

Page 120: ...e is no service with that name you will have to create one by clicking Add new at the bottom of the list TCP UDP Service should be selected and protocol should be set to TCP Set destination port to 80...

Page 121: ...4 Edit the new policy we just created Name the rule allow_http Enter position 2 Select action Allow Select service http outbound Select schedule Always Click Apply...

Page 122: ...2 The new policy should now be added to position two in the list if not it can be moved to the right position by clicking on the up and down arrows 5 Click Activate and wait for the firewall to restar...

Page 123: ...policy setup is quite similar In this example a mail server with IP 192 168 2 4 and a web server with IP 192 168 2 5 is connected to the DMZ interface on the firewall To set up intrusion detection an...

Page 124: ...ing Name the rule map_www Select service http in all Enter pass to IP 192 168 2 5 the IP of the web server Check the Intrusion detection prevention option Select mode Prevention Enable email alerting...

Page 125: ...r E mail address 2 steve examplecompany com Click Apply 4 Click Activate and wait for the firewall to restart When attacks are stopped by the firewall it will listed in the logs Since we enabled email...

Page 126: ...Set position to 2 Set action to allow Select service ftp_outbound Schedule should be always Check the Traffic shaping box and enter 400 as up and downstream limit Click Apply 3 Click Activate and wai...

Page 127: ...traffic shaping to guarantee a service a certain amount of bandwidth follow these steps 1 Set the interface speed for the WAN interface under System Interfaces Click Edit for the WAN interface Check...

Page 128: ...d still use all of the reminding 1200kbit s Important note The WAN interface speed under System Interfaces must match the speed of the Internet connection for guarantees to work If the bandwidth is se...

Page 129: ...Don t Fragment was Set RFC792 5 Source Route Failed RFC792 6 Destination Network Unknown RFC792 7 Destination Host Unknown RFC792 8 Source Host Isolated RFC792 9 Communication with Destination Networ...

Page 130: ...Parameter Problem 0 Pointer indicates the error RFC792 1 Missing a Required Option RFC1108 2 Bad Length RFC792 13 Timestamp 0 No Code RFC792 14 Timestamp Reply 0 No Code RFC792 15 Information Request...

Page 131: ...4 IP IP in IP encapsulation RFC2003 5 ST Stream RFC1190 RFC1819 6 TCP Transmission Control RFC793 8 EGP Exterior Gateway Protocol RFC888 17 UDP User Datagram RFC768 47 GRE General Routing Encapsulati...

Page 132: ...or if D Link determines in its sole discretion that it is not practical to repair or replace the defective Hardware the price paid by the original purchaser for the defective Hardware will be refunde...

Page 133: ...packaged and shipped in accordance with the foregoing requirements or that is determined by D Link not to be defective or non conforming What Is Not Covered This limited warranty provided by D Link do...

Page 134: ...die das Ger t vor berhitzung sch tzt Sorgen Sie daf r da diese ffnungen nicht abgedeckt werden 8 Beachten Sie beim Anschlu an das Stromnetz die Anschlu werte 9 Die Netzanschlu steckdose mu aus Gr nden...

Page 135: ...cuyo case puede requerirse al usuario para que adopte las medidas adecuadas Attention Ceci est un produit de classe B Dans un environnement domestique ce produit pourrait causer des interf rences rad...

Page 136: ...136 Consult the dealer or an experienced radio TV technician for help VCCI Warning...

Page 137: ...com FINLAND D Link FINLAND Thlli ja Pakkahuone Katajanokanlaituri 5 FIN 00160 Helsinki Finland TEL 358 9 622 91660 FAX 358 9 622 91661 E MAIL info dlink fi com URL www dlink fi com FRANCE D LINK FRAN...

Page 138: ...D LINK SWEDEN P O Box 15036 S 167 15 Bromma Sweden TEL 46 0 8564 61900 FAX 46 0 8564 61901 E MAIL info dlink se URL www dlink se TAIWAN D LINK TAIWAN 2F No 119 Pao Chung Road Hsin Tien Taipei Taiwan...

Page 139: ......

Page 140: ...140...

Page 141: ......

Search results

Summary of Contents for DFL-700 - Security Appliance

Reviews:

Related manuals for DFL-700 - Security Appliance

Brands by name

Popular brands

D-Link DFL-700 - Security Appliance, Manual

Search results

Summary of Contents for DFL-700 - Security Appliance

Reviews:

Related manuals for DFL-700 - Security Appliance

Brands by name

Popular brands