Firewall configuration
By default the users on your internal network can connect through the DFL-500 to the Internet. The DFL-500
blocks all other connections.The DFL-500 is configured with a default firewall security policy that matches any
connection request received from the internal network and instructs the firewall to forward the connection to
the Internet.
Default security policy
Security policies are instructions used by the firewall to decide what to do with a connection request. When
the firewall receives a connection request in the form of a packet, it analyzes the packet to extract its source
address, destination address, and service (port number).
For the packet to be connected through the DFL-500, you must have added a policy to the interface that
receives the packet. The policy must match the packet's source address, destination address, and service.
The policy directs the action that the firewall should perform on the packet. The action can be to allow the
connection, deny the connection, or to require authentication before the connection is allowed. You can also
add schedules to security policies so that the firewall can process connections differently depending on the
time of day or the day of the week, month, or year.
To configure security policies:
·
·
·
·
·
·
·
·
·
·
Policy modes
The first step in configuring security policies is to configure the mode for the firewall. The firewall can run in
NAT/Route mode or Transparent mode.
NAT/Route mode
Select NAT/Route mode to use DFL-500 network address translation to protect private networks from public
networks. In NAT/Route mode, you can connect a private network to the internal interface and a public
network, such as the Internet, to the external interface. Then you can create NAT mode policies to accept or
deny connections between these networks. NAT mode policies hide the addresses of the internal network
from users on the internet.
DFL-500 User Manual
29
Содержание DFL-500
Страница 1: ...DFL 500 V2 27 User Manual D Link Systems Inc DFL 500 User Manual 1 ...
Страница 102: ...DFL 500 User Manual 102 ...
Страница 136: ...DFL 500 User Manual 136 ...
Страница 140: ...Registration Register the D Link DFL 500 Office Firewall online at http www dlink com sales reg DFL 500 User Manual 140 ...