User Guide
Page 4
... security product can result in loss of fire or electric shock. Use only a soft cloth dampened with absolute protection against them. When installing the appliance, ensure that version or of power source indicated on an unstable surface or support. Route power supply cords where they exit the unit. The Free Software Foundation may result in this License. 9. SAFETY PRECAUTIONS Carefully read the Safety Instructions...
... security product can result in loss of fire or electric shock. Use only a soft cloth dampened with absolute protection against them. When installing the appliance, ensure that version or of power source indicated on an unstable surface or support. Route power supply cords where they exit the unit. The Free Software Foundation may result in this License. 9. SAFETY PRECAUTIONS Carefully read the Safety Instructions...
User Guide
Page 6
... 32 Network Installation...35 Setting Up the NetDefend firewall...36 Getting Started ...39 Initial Login to the NetDefend Portal 39 Logging on to the NetDefend Portal 42 Accessing the NetDefend Portal Remotely Using HTTPS 44 Using the NetDefend Portal ...46 Main Menu...47 Main Frame...48 Status Bar ...48 Logging off ...51 Configuring the Internet Connection 53 Overview ...53 Using the Internet Wizard ...54 Using a Direct LAN Connection 56 Using a Cable Modem Connection 58 Using a PPTP or...
... 32 Network Installation...35 Setting Up the NetDefend firewall...36 Getting Started ...39 Initial Login to the NetDefend Portal 39 Logging on to the NetDefend Portal 42 Accessing the NetDefend Portal Remotely Using HTTPS 44 Using the NetDefend Portal ...46 Main Menu...47 Main Frame...48 Status Bar ...48 Logging off ...51 Configuring the Internet Connection 53 Overview ...53 Using the Internet Wizard ...54 Using a Direct LAN Connection 56 Using a Cable Modem Connection 58 Using a PPTP or...
User Guide
Page 7
...Connection ...75 Using No Connection...77 Setting Up a Dialup Modem ...84 Viewing Internet Connection Information 87 Enabling/Disabling the Internet Connection 88 Using Quick Internet Connection/Disconnection 90 Configuring a Backup Internet Connection 90 Setting Up a LAN or Broadband Backup Connection 91 Setting Up a Dialup Backup Connection 92 Managing Your Network...93 Configuring Network Settings ...93 Configuring a DHCP Server ...94 Changing IP Addresses ...105 Enabling/Disabling Hide NAT...107 Configuring a DMZ Network...108 Configuring the OfficeMode Network 110 Configuring VLANs...
...Connection ...75 Using No Connection...77 Setting Up a Dialup Modem ...84 Viewing Internet Connection Information 87 Enabling/Disabling the Internet Connection 88 Using Quick Internet Connection/Disconnection 90 Configuring a Backup Internet Connection 90 Setting Up a LAN or Broadband Backup Connection 91 Setting Up a Dialup Backup Connection 92 Managing Your Network...93 Configuring Network Settings ...93 Configuring a DHCP Server ...94 Changing IP Addresses ...105 Enabling/Disabling Hide NAT...107 Configuring a DMZ Network...108 Configuring the OfficeMode Network 110 Configuring VLANs...
User Guide
Page 12
...NetDefend firewall Configuration 415 Importing the NetDefend firewall Configuration 416 Resetting the NetDefend firewall to Defaults 418 Running Diagnostics ...421 Rebooting the NetDefend firewall 422 Using Network Printers ...423 Overview ...423 Setting Up Network Printers ...424 Configuring Computers to Use Network Printers 425 Windows 2000/XP ...425 MAC OS-X ...431 Viewing Network Printers...435 Changing Network Printer Ports ...435 Resetting Network Printers ...436 Troubleshooting ...437 Connectivity ...438 Service Center and Upgrades ...442 viii D-Link NetDefend firewall User Guide
...NetDefend firewall Configuration 415 Importing the NetDefend firewall Configuration 416 Resetting the NetDefend firewall to Defaults 418 Running Diagnostics ...421 Rebooting the NetDefend firewall 422 Using Network Printers ...423 Overview ...423 Setting Up Network Printers ...424 Configuring Computers to Use Network Printers 425 Windows 2000/XP ...425 MAC OS-X ...431 Viewing Network Printers...435 Changing Network Printer Ports ...435 Resetting Network Printers ...436 Troubleshooting ...437 Connectivity ...438 Service Center and Upgrades ...442 viii D-Link NetDefend firewall User Guide
User Guide
Page 17
... by Check Point Product Family 2 NetDefend Features and Compatibility 2 Getting to Know Your NetDefend firewall 8 Getting to the office network, and enables secure interconnection of purchasing static IP addresses. By supporting integrated VPN capabilities, the NetDefend firewall allows teleworkers and road warriors to securely connect to Know Your NetDefend firewall 11 Contacting Technical Support 14 About Your D-Link NetDefend firewall The D-Link NetDefend firewall is a unified threat management (UTM) appliance that enables secure high-speed Internet access from select service...
... by Check Point Product Family 2 NetDefend Features and Compatibility 2 Getting to Know Your NetDefend firewall 8 Getting to the office network, and enables secure interconnection of purchasing static IP addresses. By supporting integrated VPN capabilities, the NetDefend firewall allows teleworkers and road warriors to securely connect to Know Your NetDefend firewall 11 Contacting Technical Support 14 About Your D-Link NetDefend firewall The D-Link NetDefend firewall is a unified threat management (UTM) appliance that enables secure high-speed Internet access from select service...
User Guide
Page 18
... and Compatibility Connectivity The NetDefend series includes the following hardware models: • DFL-CP310 Security VPN Firewall • DFL-CPG310 Wireless Security VPN Firewall You can upgrade your reseller for console access and dialup modem connection • Supported Internet connection methods: Static IP, DHCP Client, Cable Modem, PPTP Client, PPPoE Client, Telstra BPA login, Dialup • Concurrent firewall connections: 8,000 • DHCP server, client, and relay • MAC cloning 2 D-Link NetDefend firewall User Guide NetDefend Secured by Check Point Product Family...
... and Compatibility Connectivity The NetDefend series includes the following hardware models: • DFL-CP310 Security VPN Firewall • DFL-CPG310 Wireless Security VPN Firewall You can upgrade your reseller for console access and dialup modem connection • Supported Internet connection methods: Static IP, DHCP Client, Cable Modem, PPTP Client, PPPoE Client, Telstra BPA login, Dialup • Concurrent firewall connections: 8,000 • DHCP server, client, and relay • MAC cloning 2 D-Link NetDefend firewall User Guide NetDefend Secured by Check Point Product Family...
User Guide
Page 23
... Compatibility The DFL-CPG310 also includes: • Two antennas • Wall mounting kit, including two plastic conical anchors and two cross- head screws • USB extension cable Network Requirements • A broadband Internet connection via cable or DSL modem with Ethernet interface (RJ-45) • 10BaseT or 100BaseT Network Interface Card installed on each computer • TCP/IP network protocol installed on each attached device Note: The NetDefend firewall automatically detects cable types, so you can use...
... Compatibility The DFL-CPG310 also includes: • Two antennas • Wall mounting kit, including two plastic conical anchors and two cross- head screws • USB extension cable Network Requirements • A broadband Internet connection via cable or DSL modem with Ethernet interface (RJ-45) • 10BaseT or 100BaseT Network Interface Card installed on each computer • TCP/IP network protocol installed on each attached device Note: The NetDefend firewall automatically detects cable types, so you can use...
User Guide
Page 25
... need to use a pointed object to re-configure your cable or xDSL modem, or for connecting a hub when setting up more than one Internet connection A dedicated Ethernet port (RJ-45) used to the factory default firmware. This results in order to access the NetDefend CLI (Command Line Interface), or for connecting an external dialup modem Wide Area Network: An Ethernet port (RJ-45) used for connecting your NetDefend firewall. A serial port used for connecting computers in the loss of all security services and passwords and reverting to connect a DMZ...
... need to use a pointed object to re-configure your cable or xDSL modem, or for connecting a hub when setting up more than one Internet connection A dedicated Ethernet port (RJ-45) used to the factory default firmware. This results in order to access the NetDefend CLI (Command Line Interface), or for connecting an external dialup modem Wide Area Network: An Ethernet port (RJ-45) used for connecting your NetDefend firewall. A serial port used for connecting computers in the loss of all security services and passwords and reverting to connect a DMZ...
User Guide
Page 28
... reset the unit without consulting your NetDefend firewall. Two USB 2.0 ports used for connecting USB-based printers A serial (RS-232) port used for connecting computers in the loss of all security services and passwords and reverting to the version that shipped with the NetDefend firewall. You will have to connect a DMZ (Demilitarized Zone) computer or network. Reboots the NetDefend firewall • Long press (7 seconds). You need to use a pointed object to connect the supplied wireless antennas 12 D-Link NetDefend firewall User Guide Local...
... reset the unit without consulting your NetDefend firewall. Two USB 2.0 ports used for connecting USB-based printers A serial (RS-232) port used for connecting computers in the loss of all security services and passwords and reverting to the version that shipped with the NetDefend firewall. You will have to connect a DMZ (Demilitarized Zone) computer or network. Reboots the NetDefend firewall • Long press (7 seconds). You need to use a pointed object to connect the supplied wireless antennas 12 D-Link NetDefend firewall User Guide Local...
User Guide
Page 52
... have installed the NetDefend firewall, you have configured your Internet connection, the Setup Wizard automatically displays the dialog boxes for registering your NetDefend firewall to a USB port at the hinges, so that the USB devices' power requirement does not exceed the appliance's USB power supply capabilities. Bend the antennas at the back of these steps follow each of the unit. Warning: Verify that they point upwards. 7. For information on setting up network...
... have installed the NetDefend firewall, you have configured your Internet connection, the Setup Wizard automatically displays the dialog boxes for registering your NetDefend firewall to a USB port at the hinges, so that the USB devices' power requirement does not exceed the appliance's USB power supply capabilities. Bend the antennas at the back of these steps follow each of the unit. Warning: Verify that they point upwards. 7. For information on setting up network...
User Guide
Page 181
... enable the NetDefend internal VPN Server for users connecting from the WLAN to use 802.1X or WPA security mode for a wireless connection as a VPN Server on each computer in the main menu, and click the My Network tab. For information, see Internal VPN Server on page 302 and Setting Up Your NetDefend firewall as described in Network Installation on page 368. 3. Chapter 7: Configuring a Wireless Network 165 In the WLAN network's row, click Edit. Manually Configuring...
... enable the NetDefend internal VPN Server for users connecting from the WLAN to use 802.1X or WPA security mode for a wireless connection as a VPN Server on each computer in the main menu, and click the My Network tab. For information, see Internal VPN Server on page 302 and Setting Up Your NetDefend firewall as described in Network Installation on page 368. 3. Chapter 7: Configuring a Wireless Network 165 In the WLAN network's row, click Edit. Manually Configuring...
User Guide
Page 190
... that the IP packet be split into smaller fragments. This is 2346. 174 D-Link NetDefend firewall User Guide Use manual diversity control (ANT 1 or ANT 2), if there is always used for communicating. • ANT 2. The default value is the default. • ANT 1. Otherwise, set the threshold to a low value (around 2000), to the receiver along more than one antenna connected to reduce error penalty and...
... that the IP packet be split into smaller fragments. This is 2346. 174 D-Link NetDefend firewall User Guide Use manual diversity control (ANT 1 or ANT 2), if there is always used for communicating. • ANT 2. The default value is the default. • ANT 1. Otherwise, set the threshold to a low value (around 2000), to the receiver along more than one antenna connected to reduce error penalty and...
User Guide
Page 199
The SSID is case-sensitive. • Check that the encryption settings configured on the station (encryption mode and keys) match the NetDefend firewall's encryption settings. • If MAC filtering is enabled, verify that the MAC address of all directions. • If both antennas are experiencing poor reception. The antennas radiate horizontally in all stations is listed in the Network Objects page (see Viewing and Deleting Network Objects on...
The SSID is case-sensitive. • Check that the encryption settings configured on the station (encryption mode and keys) match the NetDefend firewall's encryption settings. • If MAC filtering is enabled, verify that the MAC address of all directions. • If both antennas are experiencing poor reception. The antennas radiate horizontally in all stations is listed in the Network Objects page (see Viewing and Deleting Network Objects on...
User Guide
Page 200
.... Troubleshooting Wireless Connectivity • Check the Transmission Power parameter in the WLAN's advanced settings (see Manually Configuring a WLAN on page 165) to a lower value. For best range, enable XR mode in the WLAN's advanced settings (see Manually Configuring a WLAN on page 165), and use of each other , and therefore are not using two access points in close proximity and on the same frequency. Before sending a certain size IP packet...
.... Troubleshooting Wireless Connectivity • Check the Transmission Power parameter in the WLAN's advanced settings (see Manually Configuring a WLAN on page 165) to a lower value. For best range, enable XR mode in the WLAN's advanced settings (see Manually Configuring a WLAN on page 165), and use of each other , and therefore are not using two access points in close proximity and on the same frequency. Before sending a certain size IP packet...
User Guide
Page 223
... creating rules, see Using Rules on a specific host 1. Chapter 9: Setting Your Security Policy 207 Using the NetDefend Portal, you can set up your own Web server, Mail server or FTP server. To allow incoming network connections into your network, you can skip this section. Note: Configuring servers allows you to create simple Allow and Forward rules for each allowed service. The Servers page appears, displaying a list of services and a host IP address for common services, and it is...
... creating rules, see Using Rules on a specific host 1. Chapter 9: Setting Your Security Policy 207 Using the NetDefend Portal, you can set up your own Web server, Mail server or FTP server. To allow incoming network connections into your network, you can skip this section. Note: Configuring servers allows you to create simple Allow and Forward rules for each allowed service. The Servers page appears, displaying a list of services and a host IP address for common services, and it is...
User Guide
Page 225
... the default security policy rules, by creating firewall rules that rule 1 is applied before rule 2, and so on the accounting department computers. Chapter 9: Setting Your Security Policy 209 Using Rules Using Rules The NetDefend firewall checks the protocol used, the ports range, and the destination IP address, when deciding whether to access any sensitive information on . For example, if you to define exceptions to the LAN network and...
... the default security policy rules, by creating firewall rules that rule 1 is applied before rule 2, and so on the accounting department computers. Chapter 9: Setting Your Security Policy 209 Using Rules Using Rules The NetDefend firewall checks the protocol used, the ports range, and the destination IP address, when deciding whether to access any sensitive information on . For example, if you to define exceptions to the LAN network and...
User Guide
Page 455
... Ethernet adapter MAC address onto the NetDefend firewall. If not, check if the network cable linking your computer to clone your equipment is most likely configured as a DSL router. Configure a LAN connection, even if you are using a hostname for the port used by your computer is the default value, and it in your operating system, your Internet connection and specifying a hostname. You may need to use a crossed cable when connecting the NetDefend firewall to another hub/switch...
... Ethernet adapter MAC address onto the NetDefend firewall. If not, check if the network cable linking your computer to clone your equipment is most likely configured as a DSL router. Configure a LAN connection, even if you are using a hostname for the port used by your computer is the default value, and it in your operating system, your Internet connection and specifying a hostname. You may need to use a crossed cable when connecting the NetDefend firewall to another hub/switch...
User Guide
Page 456
...; If your NetDefend firewall. My network seems extremely slow. Make sure that the TCP/IP settings of preference.) 440 D-Link NetDefend firewall User Guide What should I am using the button on your cables. • Your Ethernet card may be an IP address conflict in order of all incoming connections from reaching your Web browser is possible to use an HTTP proxy to access the Internet, add "my.firewall" or "my.vpn" to correct my...
...; If your NetDefend firewall. My network seems extremely slow. Make sure that the TCP/IP settings of preference.) 440 D-Link NetDefend firewall User Guide What should I am using the button on your cables. • Your Ethernet card may be an IP address conflict in order of all incoming connections from reaching your Web browser is possible to use an HTTP proxy to access the Internet, add "my.firewall" or "my.vpn" to correct my...
User Guide
Page 457
... connect to the LAN, configure appropriate firewall rules. For instructions, see Using Rules on how to do ? To enable audio/video, you must configure an IP Telephony (H.323) virtual server. For instructions, see Configuring Servers on page 207. To allow traffic from the DMZ or WLAN to the LAN network from the DMZ or WLAN network to the NetDefend firewall's external IP address. • Open the following ports in the router. The NetDefend firewall can be accessed from the Internet. For instructions...
... connect to the LAN, configure appropriate firewall rules. For instructions, see Using Rules on how to do ? To enable audio/video, you must configure an IP Telephony (H.323) virtual server. For instructions, see Configuring Servers on page 207. To allow traffic from the DMZ or WLAN to the LAN network from the DMZ or WLAN network to the NetDefend firewall's external IP address. • Open the following ports in the router. The NetDefend firewall can be accessed from the Internet. For instructions...
User Guide
Page 461
... H H CE Declaration of Conformity 449 H H Federal Communications Commission Radio Frequency Interference H Statement 451 H Technical Specifications Table 86: NetDefend Appliance Attributes Attribute DFL-CP310 DFL-CPG310 General Dimensions 20 x 3.1 x 15.5 cm (width x height x depth) (7.9 x 1.2 x 6.1 inches) Weight 0.69 kg (1.55 lbs) Power supply nominal All Models: 100~240VAC, input voltage, frequency 50~60Hz 20 x 3.1 x 15.5 cm (7.9 x 1.2 x 6.1 inches) 0.69 kg (1.55...
... H H CE Declaration of Conformity 449 H H Federal Communications Commission Radio Frequency Interference H Statement 451 H Technical Specifications Table 86: NetDefend Appliance Attributes Attribute DFL-CP310 DFL-CPG310 General Dimensions 20 x 3.1 x 15.5 cm (width x height x depth) (7.9 x 1.2 x 6.1 inches) Weight 0.69 kg (1.55 lbs) Power supply nominal All Models: 100~240VAC, input voltage, frequency 50~60Hz 20 x 3.1 x 15.5 cm (7.9 x 1.2 x 6.1 inches) 0.69 kg (1.55...