Gebruiksaanwijzing /service van het product DFL-500 van de fabrikant D-Link
Ga naar pagina of 122
DFL-500 User Manual 1 D-Link DFL-500 Network Security Firewall Manual Building Networks for People.
DFL-500 User Manual 2 © Copyright 2003 D-Link Systems, Inc. All rights reser ved. No part of this publication including text, examp les, diagrams or illustrations may be reproduced, transmitted, or t.
DFL-500 User Manual 3 Table of Contents Introduction ........................................ ........................ ....................... ............. 8 NAT/Route mode and Transparent mode ................... ................... ................
DFL-500 User Manual 4 Firewall configuration ................... ........................ ....................................... 23 NAT/Route mode and Transparent mode ................... ................... ................... .................. ...
DFL-500 User Manual 5 Configuring user groups....................... ................... ................... ................... ................... ....... ................... ... 46 Adding user groups.............................. ..................
DFL-500 User Manual 6 Changing the URL block message .......... ....... .... .... .... ... .... .... .... ... .... .... .... .... .... ... ........ .... ... .... .... .... ....... ... 74 Downloading the URL block list ...................... ..........
DFL-500 User Manual 7 System configuration ............ ................... ................... .... ................... ................... ............... ....... .................. 96 Setting system date and time ...................... ............
DFL-500 User Manual 8 Introduction The DFL-500 Network Protection Gateway (NPG) is an e asy-to-deploy and easy-to- administer solution that delivers exce ption al value an d pe rforma n ce for s mall office and home office (SOHO) ap plications.
DFL-500 User Manual 9 • Administration describes DF L-500 m an agem ent and administ ra tive tas k s . • The Glossary defines many of the terms used in this document.
DFL-500 User Manual 1 0 Getting st arted This chapter describes unp acking, setting up, and powering on your DFL-500 NPG. When yo u have completed the pr ocedures in this chapte r, you can proceed to one of the following: • If you are going to run y ou r DFL-500 NP G in NAT/Ro ute mode, go to NAT/Route mode installation .
DFL-500 User Manual 11 Dimensions • 8.63 x 6. 13 x 1.3 8 in. (21. 9 x 15.6 x 3.5 cm) Weight • 1.5 lb. (0.68 kg) Pow er requ irements • DC input voltage: 5 V • DC input current: 3 A Environment.
DFL-500 User Manual 1 2 Front and back view of the DFL-500 NPG Initial configuration When the DFL-500 NPG is first powered on, it is ru nning in NAT/Route mode and has the basic configura tion listed in DFL-500 NPG initial power on settings .
DFL-500 User Manual 1 3 • Using the crossover cable or the ethernet hub and cables, connect the Interna l interface of the DFL- 500 NPG to the computer ethernet connection. • Start Internet Explor er and browse to the addr ess .
DFL-500 User Manual 14 Data bits 8 Parity None Stop bit s 1 Flow contr ol None • Press Enter to co nnect to the DFL -500 CLI. The following prompt appears: DFL-500 login: • Type admin and press Ent er. The following prompt appears: Type ? for a list of commands.
DFL-500 User Manual 1 5 NA T/Route mode inst allation This chapter describes how to install your DFL-500 NPG in NAT/Route mode. If you want to install the DFL- 500 NPG in Transpar ent mode, see Transparent mode installa tion .
DFL-500 User Manual 1 6 Ending IP : _____._____._____. _____ Netmask: _____._____._____. _____ Default Route: _____._____._____. _____ DNS IP: _____._____._____. _____ The DFL-500 NPG contains a DHCP server that you can configure to automatically set the addresses o f the computers on y our internal network.
DFL-500 User Manual 1 7 • Set the IP address and ne tmask of the external inter face to the external IP addr ess and netmask that you recorded in NAT/Route mode settings .
DFL-500 User Manual 1 8 DFL-500 NPG netwo r k conn ections Configuring your internal network If you are running the DFL-500 NPG in NAT/Route mod e, your internal net work must be configured to route all internet traffic to the add ress of the internal inter face of the DFL-500 NPG.
DFL-500 User Manual 1 9 T ransp arent mode inst allation This chapter describes how to install your DFL-5 00 NPG in Transparent mode. If you want to install the DFL- 500 NPG in NAT/Route mode, see NAT/Route m ode installat ion .
DFL-500 User Manual 2 0 Starting the setup wizard • Select Easy Setup Wizard (the button in the upper right corner o f the web-based manager). • Use the information that you ga thered in Transparent mode setting s to fill in the wizard fields. Select the Next butto n to step th roug h the w i z ard page s .
DFL-500 User Manual 21 The CLI lists the Management IP addre ss and netmask. Configure the Transpar en t mode default gateway • Login to the CLI if you are not alre ady logged in. • Set the default route to the Default Gateway that you recorded in T ransparent m ode settings .
DFL-500 User Manual 2 2 DFL-500 network conn ections.
DFL-500 User Manual 2 3 Firewall configuration By default, the user s on your inte rnal network can c onnect through th e DFL-500 NPG to t he Internet.
DFL-500 User Manual 24 NAT/Route mode and Transparent mode The first step in config uring firewall policies is to configure the mode for the firewall. The firewall can run in NAT/Route mode or Tr ansparent mo de. NAT/Route mode Run the DF L-500 NPG in NAT/Rout e mode to prote ct a private ne twork from a public netw ork.
DFL-500 User Manual 2 5 You can also select Insert Policy before on a policy in the lis t to add the new policy above a specific policy. • Configure the policy: Source Select an address or address group that matche s the source address of the packet.
DFL-500 User Manual 2 6 Telnet, or FTP. For users to be able to authentic ate you must a dd an HTTP, Telnet, or FTP policy that is configured for authen ticati on. When users attempt to conn ect through the fi rewall usin g this policy they are prompted to enter a firewall usern ame and password.
DFL-500 User Manual 2 7 A dding a NAT/Route Int -> Ext policy Adding Transparent mode policies Add Transparent mode policies to control the n etwork traffic that is allowed to pass thr ough the firewall when you are running th e it in Transparen t mode.
DFL-500 User Manual 2 8 Ac t i o n Select how the firewall should respond when the policy matches a connection a ttempt. You can configure the policy to direct the firewall to A CCEPT the connectio n or DENY the connection. If you select ACCEPT, y ou can also configure Authentication for the policy.
DFL-500 User Manual 2 9 A dding a Transparent mode In t -> Ext policy Configuring policy lists The firewall matche s policies by searching for a match starting at the top of th e policy list and moving down until it finds the first match. You mu st arrange policies in the policy list from more specific to more general.
DFL-500 User Manual 3 0 Policies that require authenticatio n must be added to the policy list above matching policies that do not; otherwise, the policy that does no t r equire authenticatio n is selected first. Changing the order of pol icies in a policy list • Go to Firewall > Po licy .
DFL-500 User Manual 31 Adding addresses • Go to Firewall > Ad dress . • Select the interface to which to add the address. The list of addresses added to that interface is displayed. • Select New to add a new address to the selected interface.
DFL-500 User Manual 3 2 Organizing addresses into address groups You can organize related addresses into add ress gr oups to make it easier to add policies.
DFL-500 User Manual 3 3 • Predefined service s • Providing ac cess to c ustom service s • Grouping services Predefined services To view the list of predefin ed services, go to Firewall > Service > Pre-defined . You can add predefined services to any policy.
DFL-500 User Manual 34 A dding a service group • To add services to the service group, select a ser vice from the Available Services list and select the right arrow to c opy it to the Members list. • To remove services from the serv ic e grou p, selec t a service from the Members list and select the left arrow to remove it from the group .
DFL-500 User Manual 3 5 • Set the Start date and time for the schedu le. Set Start and Stop times to 00 for the schedule to cover the e ntire day. • Set the Stop date and time for the sched ule. One-time schedules use the 24-hour clock. • Select OK to add the one- time schedule.
DFL-500 User Manual 3 6 create an external ad dress for the web server on the Interne t. You must then add a virtual IP to th e firewall that maps the extern al IP address of the web server to the actual ad dress of the web server on your inter nal network.
DFL-500 User Manual 3 7 A dding a static NA T virtual IP • In the Map to IP field, enter the real IP add ress on the more secure ne twork, for example, the IP address of a web server on your interna l network.
DFL-500 User Manual 3 8 A dding a Port Forwarding virtual IP • Enter the External Service Port num ber for which to configure port fo rwarding. The external service port nu mber must match the destination po rt of the packets to be forwarded.
DFL-500 User Manual 3 9 Destination Select the virtual IP. Schedule Select a schedule as requ ired. Service Select the ser vice that matches the Map to Se rvice that y ou selected for the port-forwarding virtual IP. Ac t i o n Set action to ACCEPT to accept connections to th e internal s erver.
DFL-500 User Manual 4 0 A dding an IP Pool IP/MAC binding IP/MAC binding protects th e DFL-500 NPG and your network from IP spoofing attacks. IP spoofing attempts to use the IP ad dress of a trusted computer to connect to or through the fire wall from a different computer.
DFL-500 User Manual 41 All packets that would normally be matched with policies to be able to go through the firewall are first compared with the entr ies in the IP/MAC binding list. If a match is found, th en the firewall attempts to match the packet with a policy.
DFL-500 User Manual 4 2 Viewing the dy namic IP/MAC list • Go to Firewall > IP/MAC Binding > Dynamic IP/MAC . Enabling IP/MAC binding • Go to Firewall > IP/MAC Binding > Setting . • Select Enable IP/MAC binding going thro ugh the firewall to turn on IP/MAC binding fo r packets that could be m atched by po licies.
DFL-500 User Manual 4 3 Users and authentication DFL-500 NPGs suppor t user authentication to the DFL- 500 user database or to a RADIUS ser ver. You can add user name s to the DFL- 500 user database and then add a password to allow the user to authenticate using the internal database.
DFL-500 User Manual 44 • Select New to add a new user name. A dding a us er name • Enter the user name. The user name can conta in numbers (0-9) and uppercase and lo wercase letters (A-Z, a-z), and the special characters - and _. Other specia l characters and spaces ar e not allowed.
DFL-500 User Manual 4 5 Deleting the user na me deletes the au then tication configured for th e user. Configuring RADIUS support If you have configured RADIUS support and a user is required to authenticate using a RADIUS server, the DFL-500 NPG contacts the RADIUS server for authenticatio n.
DFL-500 User Manual 4 6 Configuring user groups Use the following informatio n to add user groups to your DFL-500 configur ation. You can add user name s and RADIUS servers to user groups. You can then add user groups to: • Policies that require authe ntication ( Adding NAT/Route mo de policies , and Adding NAT/Route mo de policies ).
DFL-500 User Manual 4 7 A dding a user grou p • To remove use rs or RADIU S servers from the user group, selec t a user or RAD IUS serv er from the Members list an d select the le ft arrow t o remove the name or RADI U S server from th e group. • Select OK.
DFL-500 User Manual 4 8 IPSec VPNs Using IPSec Virtual Private Networking (VPN), you can securely join two or more widely separated private networks or computers together through the Internet. For example, if you are away from home, you can use a VPN to securely connect through your DFL-5 00 NPG to your home network.
DFL-500 User Manual 4 9 • ESP security in tunnel mode • DES and 3DES (TripleDES) encryption • Diffie-Hellman groups 1, 2, and 5 • HMAC MD5 authentication/data integrity or HMAC SHA1 authentica.
DFL-500 User Manual 5 0 See Adding an encrypt policy . Configuring manual key IPSec VPN A manual key VPN configur ation consists of a manual key VPN tunnel, the so urce and destination addre sses for both ends of the tunnel, and an encrypt policy to control access to the VPN tunn el.
DFL-500 User Manual 51 Configuring the VPN concentrator On the VPN concentrator network, yo u must create one VPN tunnel for each of the prospective VPN concentrator members and then add these tu nnels to a VPN concen trator. You can add both AutoIKE and manual key VPN tunnels to a VPN concentrator.
DFL-500 User Manual 5 2 See Adding an Auto IKE key VPN tunnel . Or, add a manu al key VPN tunnel. See Adding a manua l key VPN tunnel . • Add one encrypt policy between the member VPN and the VPN concentrator. Use the following configurat ion: Source Member VPN address.
DFL-500 User Manual 5 3 The source and destina tion of both policies must be th e same. Add a differen t AutoIKE key tunnel to each policy. See Adding an encrypt policy .
DFL-500 User Manual 54 Mode. Enter the IP address of the dialup user o r the domain name of the d ialup user (for example, do If you d o not add a local ID, the DFL-500 e xternal interface automatically becomes th e Local ID. For information about the Loca l ID, see About dialup VPN authentication .
DFL-500 User Manual 5 5 For each variation, th e remote gateway field of the dialup server remote gateway configuration must be set to dialup user and all of the clients must have their remote gateway or equivalent set to the stat ic IP address of the remote gateway server.
DFL-500 User Manual 5 6 A ggres siv e mode with no user gr oup Field Server Clients User Group None N/A Mode Aggressive Aggressive A uthentication Key T he server and the clients must hav e the same authen tication key.
DFL-500 User Manual 5 7 About NAT traversal NAT (Network Address Translation) converts pr ivate IP addresses into routable public IP addresses. The DFL-500 NPG uses NAPT (Net work Address Port Transla tion), in which both IP addresses an d ports are mapped.
DFL-500 User Manual 5 8 A uto key Keep A liv e Enable Autokey Keep Alive to keep the VPN tunnel running even if no d ata is being processed. Concen trat or Select a concentrator if you want the tun nel to be part of a hub and spoke VPN configuration.
DFL-500 User Manual 5 9 The DFL-500 NPG sends an alert e mail when rep lay detection dete cts a rep lay packet. To receive the aler t email, you must configure alert email and select "Enable alert email for critica l firewall/VPN events or violations".
DFL-500 User Manual 6 0 For all 3DES encry ption algorithms, enter three hexadecimal numbe rs of up to 16 digits each. Use the same encryption key at both ends of the tunne l. Required for encryption algorithms that include MD5 or SHA1 authentica tion.
DFL-500 User Manual 61 • Select OK to add the VPN concentr ator. A dding a VPN concentrator Adding an encrypt policy Add encrypt policies to co nnect users on your internal network to a VPN tunnel. Encrypt policies are always Int -> Ext policies.
DFL-500 User Manual 6 2 The destination address is the IP addre ss of the remote network behind the re mote VPN gateway. The destination address is the IP addre ss of the remote network behind the re mote VPN gateway.
DFL-500 User Manual 6 3 A llow outbound Select Allow o utbound to enable outbound users to conn ect to the destination addres s. Inbound NA T The DFL-500 NPG translates the source address of incoming packets to the IP address o f the DFL-500 interface con nected to the source addre ss network.
DFL-500 User Manual 64 A utoIKE key tunnel status Viewing dialup VPN connection status You can use the dialup monitor to view the status of dialup VPNs.
DFL-500 User Manual 6 5 To confirm th at a VPN between a netw ork and on e or more c lients has be en configur ed correct ly, start a V PN client and use the ping command to connect to a computer on the inte rnal network. The VP N tunnel initializes automatically when the client makes a connection attempt.
DFL-500 User Manual 6 6 PPTP and L2TP VPNs Using PPTP and L2TP Virtua l Private Networking (VPN), you can cr eate a secure connection between a client computer running Micr osoft Windows and your internal network.
DFL-500 User Manual 6 7 PPTP VPN betw een a Window s client and the DFL-500 NPG Configuring the DFL-50 0 NPG as a PPTP gateway • Create a user gro up for your PPTP user s. See Users and authentication . • Go to VPN > PPTP > PPTP Ran ge . • Select Enable PPTP.
DFL-500 User Manual 6 8 Example PPTP Range configur ation When using a RADIUS server for user authenticatio n, PPTP and L2TP encryption is not supported a nd you should no t select Require data encryption when configuring Windows clients for PPTP or L2TP.
DFL-500 User Manual 6 9 L2TP VPN configuration L2TP clients must be ab le to authenticate with th e DFL-500 NPG to start a L2TP session. To support L2TP authentication, you must add a user group to th e DFL-500 NPG configuration. This u ser group can contain users added to the DFL-500 NPG user database, RADIUS servers, or both.
DFL-500 User Manual 7 0 • Select Enable L2TP. • Enter the Starting IP a nd the Ending IP for the L 2TP address range . • Select the User Group tha t you added in step Create a user group fo r your L2TP user s. . • Select Apply to enable L2TP thro ugh the DFL-50 0 NPG.
DFL-500 User Manual 71 W eb content filtering Use DFL-500 web content filtering fo r: • Enabling web content Filtering • Blocking web pages that contain unwanted content • Blocking access to URL.
DFL-500 User Manual 7 2 The DFL-500 NPG is now configured to block web pages containing words and phrases added to the banned word list. • Select New to add a word or phrase to the ba nned word list. • Choose a language or cha racter set for the banned word or phrase.
DFL-500 User Manual 7 3 • Select Backup Banned Word List . The DFL-500 NPG downloads the banne d word list to a text file on the management comp uter. You can specify a location to which to download the text file as well as a name for the text file.
DFL-500 User Manual 74 URL blocking does not block access to other services that users can access with a web browser. For example, URL b locking does not block access to ftp://ftp.badsi . Instead, you can use firewall policies to deny FTP connections.
DFL-500 User Manual 7 5 You can add a URL list created by a third-par ty URL block or blacklist service. For example, you can download the squidGuard blacklists, available at http://www.squidg as a starting point for creating your own URL bloc k list.
DFL-500 User Manual 7 6 • Clearing th e Exempt U RL list • Downloading the Exempt URL list • Uploading an Exempt URL list Adding URLs to the Exempt URL List • Go to Web Filter > Exempt URL . • Select New to add an entry to the Exempt URL list.
DFL-500 User Manual 7 7 Uploading an Exempt URL list You can create an Exempt URL list in a text editor and the n upload th e text file to the DFL-500 NPG. Add one URL to each line of the text file. You can follow th e URL with a space and th en a 1 to enable or a zero (0) to disable the URL.
DFL-500 User Manual 7 8 Logging and reporting You can configure the DFL-500 NPG to record 3 types of logs: • Traffic logs record all traffic that att e mpts to c onnect thro ug h the DFL- 50 0 NPG. • Event logs record manageme nt and activity events.
DFL-500 User Manual 7 9 Example log settings Selecting what to log Use the following procedure to con figure the type of informa tion recorded in DFL- 500 logs. • Go to Log&Re port > Log setting . • Select Log All Internal Traffic To Fir ewall to record all connections to the internal inte rface.
DFL-500 User Manual 8 0 Configuring alert email • Go to System > Network > DNS . • If they have not alrea dy been added, add the primary and secondar y DNS server addresses provide d to you by your ISP.
DFL-500 User Manual 81 Administration This chapter describes how to use the web-based manager to administer and maintain the DFL-500 NPG. It contains the following s ections: • System status • Upg.
DFL-500 User Manual 8 2 • Shutting down the DFL-500 NPG If you log into the web-based manager with any other administrator a c count, you can go to Syste m > Status to view the system settings in.
DFL-500 User Manual 8 3 • Enter the following command to restart the DFL-5 00 NPG: > execute reboot As the DFL-500 NPG reboots, message s similar to the following appear: BIOS Version 2.2 Serial number: FGT- 502801021 075 SDRAM Initialization. Scanning PCI Bus.
DFL-500 User Manual 84 When the interface addresses ar e changed, you can access the DF L-500 from the web-based manager and restore your configuration files a nd content a nd URL filtering lists. Displaying the DFL-500 NPG serial number • Go to System > Status .
DFL-500 User Manual 8 5 This procedure deletes th e changes that you have made to the DFL-500 NPG configuration and reverts the sy stem to its original configuration, inc l uding resetting in terface addresses. • Go to System > Status . • Select Rest ore Factory Defaults.
DFL-500 User Manual 8 6 The DF L-50 0 NPG c hanges op eration mode. • To reconnect to the web-ba sed manager, browse to the inter face that you have configured for management access using https:// followed by the IP add ress of the interface.
DFL-500 User Manual 8 7 System status monitor At the top of the display, the system status moni tor shows: CPU usage The current CPU usage statistics of the DFL-500 NPG. Memory usage The percentage of available memory b eing used by the DFL-500 NPG. Up time The number of days, h ours, and minutes si nce the DFL-500 NPG was last starte d.
DFL-500 User Manual 8 8 Configuring the internal interface To configure the in ternal interface: • Go to System > Network > Interface . • For the internal interface, select Modify . • Change the IP addr ess and Netmask as require d. • Select the management Acce ss methods for the interna l interface.
DFL-500 User Manual 8 9 • Controlling management access to the external interface • Changing t he external inte rface MTU size to impro ve netw ork performance Configuring the external interface wi th a static IP address • Go to System > Network > Interface .
DFL-500 User Manual 9 0 Configuring th e external in terface Configuring the external interface for PPPoE Use the following proced ure to configu re the external inter face to use PPPoE. T his configuration is re quired if your ISP uses PPPoE to assign the IP addre ss of the external interface.
DFL-500 User Manual 91 • For the external inte rface, select Modify . • Select the management Acce ss methods for the external in terface. HTTPS To allow secure HTT PS connections to the web-based manager throug h the external interface . PING If you wa nt the external interface to respond to pings.
DFL-500 User Manual 9 2 Configuring the management in terface (Transparent mode) In Transparent mode, you can configure the manageme nt interface for management access to the DFL-500 NPG. • Go to System > Netw ork > Managem ent . • Change the Manageme nt IP and Mask as required .
DFL-500 User Manual 9 3 If you select dead gateway detection you can also configu re ping target, detectio n interval, and Fail- over detec tion for the ro ut ing gatew ay. • Set Ping Target to the IP add ress that the DFL-50 0 NPG should ping to test connectivity with the gateway.
DFL-500 User Manual 94 • Select OK to save the new route. Arrange routes in the routing table from mo re specific to more general. To a rrange routes in the rou ting table, see Configuring the ro uting table . Configuring the routing table As you add routes, they a ppear on th e routing table.
DFL-500 User Manual 9 5 • Repeat these steps to add more r outes as required. Providing DHCP services to your internal network If the DFL-500 NPG is opera ting in NAT/Route mode, you can configure it to be the DHCP server fo r your internal netw ork: • Go to System > Network > DHCP .
DFL-500 User Manual 9 6 Sample DHCP settings Viewing the dynamic IP list If you have c onfigured your DFL- 500 NPG as a DHCP ser ver, you can vie w a list of IP addr esses that the DHCP server has add ed, their correspondin g MAC addresses and the expiry time and da te for these addresses.
DFL-500 User Manual 9 7 • Setting system date and time • Changing web-based mana ger options • Adding and editing admin istrator accoun ts • Configuring SNMP Setting system date and time For effective scheduling and logg ing, the DFL-50 0 NPG time should be accurate .
DFL-500 User Manual 9 8 • Specify how often the DFL-500 NPG should synchronize its time with the NTP server . A typical Syn Interval w ould be 144 0 minutes for the DFL-500 N PG to sync hronize it s time once a day.
DFL-500 User Manual 9 9 • Select N ew to add an administrat or account. • Type a log in name for th e administ rator accou nt. The login name must be at least 6 characters long an d can contain numbers (0-9 ), and upper case and lowercase letters (A-Z, a-z), and the special characters - and _.
DFL-500 User Manual 10 0 System Location Describe the physical location o f the DFL-500 NP G. The sy stem location description can be up to 31 characters long a nd can contain spaces, numbers (0 -9), uppercase and lowerca se letters (A-Z, a-z), and the special ch aracters - and _.
DFL-500 User Manual 101 Glossary Connection : A link between machines, applications, processes, and so on that can be logical, physica l, or both. DNS, Domain Name Service : A service that converts symbolic node names to IP addresses.
DFL-500 User Manual 10 2 Netmask : Also called subnet mask. A set of r ules for omitting parts of a complet e IP address to re ach a target destination without using a broadcast message. It can indicate a subn etwork portion of a larger ne twork in TCP/IP.
DFL-500 User Manual 10 3 VPN, Virtual Private Networ k : A network that links p rivate networks over the Inte rnet. VPNs use encryption and other security mechan isms to ensure that on ly authorized users can access the ne twork and th at data cannot be in tercepted.
DFL-500 User Manual 104 Index A action policy optio n ActiveX removing from web p ages address adding editing group IP/MAC bindi ng virtual IP address group example address name admin administrator ac.
DFL-500 User Manual 10 5 C clear communication sessions CLI configuring IP addresses connecting to concentrator adding VPN hub and sp oke configuration hub and spoke VPN connecting to your network web.
DFL-500 User Manual 10 6 DHCP dynamic IP list viewing dynamic IP/MAC list E email alert testing enabling a policy encryption adding IPSec firewall policy algorithm encryption algorithm manual key IPSe.
DFL-500 User Manual 10 7 first trap re ceiver IP address SNMP fixed por t policy optio n from IP system sta tus from port system sta tus G gateway adding remote gateway IPSec VPN remote gateway name r.
DFL-500 User Manual 10 8 IPSec IPSec VPN adding firewall policy AutoIKE ke y AutoIKE key remote gat eway AutoIKE key VPN tunnel compatibility with IPSec VPN products concentrator configuring remote ga.
DFL-500 User Manual 10 9 user groups L2TP gateway configuring language web-based manager lease duration DHCP Local ID IPSec VPN remote gateway local SPI IPSec VPN manual key log traffic policy optio n.
DFL-500 User Manual 11 0 IP addresses policy policy, add ing NAT traversal about NAT/Route mode Nat-traversa l IPSec VPN Rem ote Gateway netmask administrator account network address translation intro.
DFL-500 User Manual 111 external interface PPTP adding firewall policy configuring configuring gateway definition enabling ending IP network configuration starting IP user groups VPN configuration PPT.
DFL-500 User Manual 11 2 RIP routing gateway adding routing table adding a default route adding routes adding routes (Transparent mo de) configuring S schedule applying to a policy creating one-time c.
DFL-500 User Manual 11 3 IPSec VPN tunnel viewing dialup connectio n status viewing VPN tunnel status subnet subnet address switching operating mode system configuration system date an d time setting .
DFL-500 User Manual 114 URL block list clearing downloading uploading URL block message changing URL blocking configuring URLs blocking access exempting from blocking user group IPSec VPN Rem ote Gate.
DFL-500 User Manual 11 5 name viewing status W web content filtering ActiveX cookies enabling Java applets Web filter policy optio n web pages content blocking web-based manager changing options conne.
DFL-500 User Manual 11 6 T echnical Support Offices AUSTRALIA D-LINK AUSTRALIA Unit 16, 390 Easter n Valley Way, Rosev ille, NSW 2069 , Australia TEL: 61-2-941 7-7100 FAX: 61-2-9417-1077 TOLL FRE E: 1800-177-100 (Aus tralia), 0800-900900 (New Zealand ) E-MAIL: support@dlin k.
DFL-500 User Manual 11 7 Registration Card Print, type or use block letters. Your name: Mr./Ms _____________ ___________ _________ ___________ ________ ___________ _________ _____ Organization: ___________________________ _____________________ Dept.
DFL-500 User Manual 11 8.
DFL-500 User Manual 11 9 Limited W arranty D-Link Systems, Inc. (“D-Link”) provides this 1-Year warranty for its product only to the person or entity who originally purchased the product from: • D-Link or its author ized reseller or di stributor.
DFL-500 User Manual 12 0 Submitting A Claim . Any claim under this limited warranty must be su bmitted in writing befor e the end of the Warranty Period to an Authorized D-L ink Service Office.
DFL-500 User Manual 121 GOVERNING LAW : This 1- Year Warranty shall be governed by the laws of the state of Califor nia. Some states do not allo w exclusion or limitation of in cidental or consequential da mages, or limitations on how long an implied warranty last s, so the foregoing limitat ions and ex clusions m ay not apply .
DFL-500 User Manual 12 2 Registration Register the D-Link DFL-500 Office Firewall online at
Een belangrijk punt na aankoop van elk apparaat D-Link DFL-500 (of zelfs voordat je het koopt) is om de handleiding te lezen. Dit moeten wij doen vanwege een paar simpele redenen:
Als u nog geen D-Link DFL-500 heb gekocht dan nu is een goed moment om kennis te maken met de basisgegevens van het product. Eerst kijk dan naar de eerste pagina\'s van de handleiding, die je hierboven vindt. Je moet daar de belangrijkste technische gegevens D-Link DFL-500 vinden. Op dit manier kan je controleren of het apparaat aan jouw behoeften voldoet. Op de volgende pagina's van de handleiding D-Link DFL-500 leer je over alle kenmerken van het product en krijg je informatie over de werking. De informatie die je over D-Link DFL-500 krijgt, zal je zeker helpen om een besluit over de aankoop te nemen.
In een situatie waarin je al een beziter van D-Link DFL-500 bent, maar toch heb je de instructies niet gelezen, moet je het doen voor de hierboven beschreven redenen. Je zult dan weten of je goed de alle beschikbare functies heb gebruikt, en of je fouten heb gemaakt die het leven van de D-Link DFL-500 kunnen verkorten.
Maar de belangrijkste taak van de handleiding is om de gebruiker bij het oplossen van problemen te helpen met D-Link DFL-500 . Bijna altijd, zal je daar het vinden Troubleshooting met de meest voorkomende storingen en defecten #MANUAl# samen met de instructies over hun opplosinge. Zelfs als je zelf niet kan om het probleem op te lossen, zal de instructie je de weg wijzen naar verdere andere procedure, bijv. door contact met de klantenservice of het dichtstbijzijnde servicecentrum.