D-Link DWC-1000 User Manual
236
Section 8 - Security
Note
: You must activate the DCS-1000-VPN license to access the firewall options.
Path: Security > Firewall > Firewall Rules
Inbound (Option to LAN/DMZ) rules restrict access to traffic entering your network, selectively allowing only
specific outside users to access specific local resources. By default all access from the insecure Option side are
blocked from accessing the secure LAN, except in response to requests from the LAN or DMZ. To allow outside
devices to access services on the secure LAN, you must create an inbound firewall rule for each service.
If you want to allow incoming traffic, you must make the controller’s Option port IP address known to the public.
This is called “exposing your host.” How you make your address known depends on how the Option ports are
configured; for this controller you may use the IP address if a static address is assigned to the Option port, or if
your Option address is dynamic a DDNS (Dynamic DNS) name can be used.
Outbound (LAN/DMZ to Option) rules restrict access to traffic leaving your network, selectively allowing only
specific local users to access specific outside resources. The default outbound rule is to allow access from the
secure zone (LAN) to either the public DMZ or insecure Option. On other hand, the default outbound rule is to
deny access from DMZ to insecure Option. When the default outbound policy is allow always, you can block
hosts on the LAN from accessing internet services by creating an outbound firewall rule for each service.
To create a new firewall rule:
1. Click
Security
>
Firewall
>
Firewall Rules
.
Firewall
Firewall Rules
2. Right-click an entry and click either
Edit
or
Delete
. To add a new group, click
Add New IPv4 Firewall
Rule
.