·
Select the tab corresponding to the type of policy to which to add authentication.
·
Select New to add a policy or select Edit
to edit a policy to add authentication.
·
Configure the policy as required.
·
Set Action to AUTH.
·
Set Service to HTTP, FTP, or Telnet.
·
Select OK to save the policy
·
Arrange the policy in the policy list to have the effect that you expect.
Policies that require authentication must be added to the policy list above matching policies that do not,
otherwise the policy that does not require authentication is selected first.
Port forwarding
Port forwarding routes packets that are received by the DFL-500 external interface according to the packet's
destination service port. When the packet is intercepted, the firewall changes the packet's destination address
to an address on the network connected to the internal interface. The DFL-500 then forwards the packet to
the server at that address.
You can also configure port forwarding to change the packet's destination service port.
Use port forwarding to provide Internet users with access to web, mail, ftp or other servers behind your DFL-
500. When you use the setup wizard for internal server settings, you are configuring port forwarding for the
services that you select.
Firewall policies take precedence over port forwarding. If you have configured port forwarding for a service,
you can add a policy to deny access to this service.
Note
: Port Forwarding is not supported in Transparent mode.
Port forwarding example
Configure port forwarding for the external interface so that all FTP packets (using port 20) have their
destination IP address changed from an Internet IP address to the IP address of an FTP server on your
internal network:
·
FTP packets received by the external interface could have the following settings:
Source: 163.158.1.2/7890, Dest: 194.160.1.1/20
·
FTP port forwarding could change the settings to:
Source: 163.158.1.2/7890, Dest: 192.168.1.2/20
·
Replies from the FTP server would have the following settings:
Source: 192.168.1.2/20, Dest: 163.158.1.2/7890
·
The DFL-500 would change these addresses to:
Source 194.160.1.1/20, Dest: 163.158.1.2/7890
Adding port forwarding
·
Go to
Firewall > Port Forward
.
·
Select New.
·
In the External Service Port list, select the service for which to configure port forwarding.
For a list of common services and their port numbers, see
. You can add
custom services using the procedure
Providing access to custom services
DFL-500 User Manual
44
Содержание DFL-500
Страница 1: ...DFL 500 V2 27 User Manual D Link Systems Inc DFL 500 User Manual 1 ...
Страница 102: ...DFL 500 User Manual 102 ...
Страница 136: ...DFL 500 User Manual 136 ...
Страница 140: ...Registration Register the D Link DFL 500 Office Firewall online at http www dlink com sales reg DFL 500 User Manual 140 ...