Datasheet
Page 1
.... Powerful VPN Performance NetDefend UTM Firewalls offer an integrated VPN Client and Server allowing remote offices or trusted partner to securely connect to safely manage employee... Security Integrated Firewall/VPN and UTM provides protection from a wide variety of threats. DFL-260E/860E/1660/2560/2560G NetDefend UTM Firewall Series Features Integrated Firewall/VPN • Powerful...Traversal • VPN Hub and Spoke • IPSec, PPTP, L2TP • DES, 3DES, AES, Twofish, Blowfish,CAST-128 Encryption The D-Link NetDefend Unified Threat Management (UTM) firewalls provide a powerful ...
.... Powerful VPN Performance NetDefend UTM Firewalls offer an integrated VPN Client and Server allowing remote offices or trusted partner to securely connect to safely manage employee... Security Integrated Firewall/VPN and UTM provides protection from a wide variety of threats. DFL-260E/860E/1660/2560/2560G NetDefend UTM Firewall Series Features Integrated Firewall/VPN • Powerful...Traversal • VPN Hub and Spoke • IPSec, PPTP, L2TP • DES, 3DES, AES, Twofish, Blowfish,CAST-128 Encryption The D-Link NetDefend Unified Threat Management (UTM) firewalls provide a powerful ...
Datasheet
Page 3
...global index servers with malicious traffic. WAN Link Load-Balancing and Fault-Tolerance Multiple WAN ports support traffic load balancing and failover, thus guaranteeing Internet availability and bandwidth. Streaming-based pattern matching provides effective protection against zero-day attacks. DFL-260E/860E/...encryption and authentication for IPSec, PPTP, L2TP, and SSL in use, and can be adjusted, only using as much as Java Applets, JavaScripts/VBScripts, ActiveX objects, and cookies. D-Link Green Certified The D-Link Green certified DFL-1660 and DFL-2560(G) are priced per firewall...
...global index servers with malicious traffic. WAN Link Load-Balancing and Fault-Tolerance Multiple WAN ports support traffic load balancing and failover, thus guaranteeing Internet availability and bandwidth. Streaming-based pattern matching provides effective protection against zero-day attacks. DFL-260E/860E/...encryption and authentication for IPSec, PPTP, L2TP, and SSL in use, and can be adjusted, only using as much as Java Applets, JavaScripts/VBScripts, ActiveX objects, and cookies. D-Link Green Certified The D-Link Green certified DFL-1660 and DFL-2560(G) are priced per firewall...
Datasheet
Page 4
.../2560/2560G NetDefend UTM Firewall Series Technical Specifications DFL-260E DFL-860E DFL-1660 DFL-2560(G) Ethernet Ports SFP USB Console System Performance1 Firewall Throughput2 VPN Throughput3 IPS Throughput4 Antivirus Throughput4 Concurrent Sessions New Sessions (... VLAN • 8 • 16 • 1024 • 2048 • IGMP v3 • Encryption Methods (DES/3DES/AES/Twofish/Blowfish/ CAST-128) • PPTP/L2TP Server • SSL VPN • Hub and Spoke • IPSec NAT Traversal • 100 • 3005 • 2,500 • 5,000 • Outbound Load Balancing...
.../2560/2560G NetDefend UTM Firewall Series Technical Specifications DFL-260E DFL-860E DFL-1660 DFL-2560(G) Ethernet Ports SFP USB Console System Performance1 Firewall Throughput2 VPN Throughput3 IPS Throughput4 Antivirus Throughput4 Concurrent Sessions New Sessions (... VLAN • 8 • 16 • 1024 • 2048 • IGMP v3 • Encryption Methods (DES/3DES/AES/Twofish/Blowfish/ CAST-128) • PPTP/L2TP Server • SSL VPN • Hub and Spoke • IPSec NAT Traversal • 100 • 3005 • 2,500 • 5,000 • Outbound Load Balancing...
CLI Guide for DFL-260E
Page 127
... IP address for this network object exists and have a value other then 0.0.0.0 the PPTP/L2TP client will try to get that one from the PPTP/L2TP server as source IP in IKE. (Default: 2) Specifies whether PFS should be used or...: 90) Automatically add a route for use when doing key exchanges in e.g. NAT. Its IP address and DNS servers are dynamically assigned. L2TPClient NAT. (Default: LocalInterface) Manually specified originator IP address to use as preferred IP. (Optional...address used when sending keep -alive ICMP pings. The IP address of the L2TP/PPTP server. 127 3.28.6.
... IP address for this network object exists and have a value other then 0.0.0.0 the PPTP/L2TP client will try to get that one from the PPTP/L2TP server as source IP in IKE. (Default: 2) Specifies whether PFS should be used or...: 90) Automatically add a route for use when doing key exchanges in e.g. NAT. Its IP address and DNS servers are dynamically assigned. L2TPClient NAT. (Default: LocalInterface) Manually specified originator IP address to use as preferred IP. (Optional...address used when sending keep -alive ICMP pings. The IP address of the L2TP/PPTP server. 127 3.28.6.
Log Reference Guide for DFL-260E
Page 131
close Decrease the maximum allowed PPTPALG sessions, or try to the receiving PPTP server, resulting in that the ALG session could not connect to free some of the RAM used. 1 ALG Module Name 2.1.243. None...Context Parameters ERROR PPTPALG: Failed to connect to the PPTP Server. pptp_tunnel_established_client (ID: 00200604) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Context Parameters NOTICE PPTPALG: PPTP tunnel established from client A PPTP tunnel has been established between the PPTP client and the PPTP-ALG. None None. 1 ALG Session ID ALG ...
close Decrease the maximum allowed PPTPALG sessions, or try to the receiving PPTP server, resulting in that the ALG session could not connect to free some of the RAM used. 1 ALG Module Name 2.1.243. None...Context Parameters ERROR PPTPALG: Failed to connect to the PPTP Server. pptp_tunnel_established_client (ID: 00200604) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Context Parameters NOTICE PPTPALG: PPTP tunnel established from client A PPTP tunnel has been established between the PPTP client and the PPTP-ALG. None None. 1 ALG Session ID ALG ...
Log Reference Guide for DFL-260E
Page 132
.... 1 132 pptp_tunnel_removed_server (ID: 00200606) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Context Parameters NOTICE PPTPALG: PPTP tunnel between server and security gateway removed A PPTP tunnel has been removed betweem the PPTP server and the PPTP-ALG. None None. 1 ALG Session ID ALG Module Name 2.1.248. pptp_session_established (ID: 00200607) Default Severity Log Message Explanation...
.... 1 132 pptp_tunnel_removed_server (ID: 00200606) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Context Parameters NOTICE PPTPALG: PPTP tunnel between server and security gateway removed A PPTP tunnel has been removed betweem the PPTP server and the PPTP-ALG. None None. 1 ALG Session ID ALG Module Name 2.1.248. pptp_session_established (ID: 00200607) Default Severity Log Message Explanation...
Log Reference Guide for DFL-260E
Page 133
...pptp_tunnel_established_server (ID: 00200610) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Context Parameters NOTICE PPTPALG: PPTP tunnel established from on A malformed packet was received by the PPTP-ALG. pptp_malformed_packet (ID: 00200609) Chapter 2. None None. 1 ALG Session ID ALG Module Name 133 2.1.... (ID: 00200609) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Malformed packet received from server A PPTP tunnel has been established between PPTP server and security gateway.
...pptp_tunnel_established_server (ID: 00200610) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Context Parameters NOTICE PPTPALG: PPTP tunnel established from on A malformed packet was received by the PPTP-ALG. pptp_malformed_packet (ID: 00200609) Chapter 2. None None. 1 ALG Session ID ALG Module Name 133 2.1.... (ID: 00200609) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Malformed packet received from server A PPTP tunnel has been established between PPTP server and security gateway.
Log Reference Guide for DFL-260E
Page 374
...unknown_pptp_auth_source (ID: 02700004) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Unknown PPTP authentication source for the specified userauth rule found in the new configuration is unknown to the 374 ...ID: 02700006) Default Severity Log Message Explanation WARNING PPTP server received a packet routed by a route not set up by the userauth system. The PPTP server interface received a packet that was routed to the PPTP server. Closing down the PPTP connection. pptp_connection_closed Make sure the userauth rules are...
...unknown_pptp_auth_source (ID: 02700004) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING Unknown PPTP authentication source for the specified userauth rule found in the new configuration is unknown to the 374 ...ID: 02700006) Default Severity Log Message Explanation WARNING PPTP server received a packet routed by a route not set up by the userauth system. The PPTP server interface received a packet that was routed to the PPTP server. Closing down the PPTP connection. pptp_connection_closed Make sure the userauth rules are...
Log Reference Guide for DFL-260E
Page 375
... 02700007) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING MPPE failed but the MPPE negotiation failed. A PPTP session has been closed . pptp_session_request (ID: 02700009) Default Severity NOTICE 375 2.32.7. The specified interface, remote gateway and...manually configured routes pointing to on closed . close_session Make sure the peer is required, closing session to on the PPTP server using the dynamic routes set up by the interface itself. pptp_session_closed (ID: 02700008) Default Severity Log Message Explanation ...
... 02700007) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING MPPE failed but the MPPE negotiation failed. A PPTP session has been closed . pptp_session_request (ID: 02700009) Default Severity NOTICE 375 2.32.7. The specified interface, remote gateway and...manually configured routes pointing to on closed . close_session Make sure the peer is required, closing session to on the PPTP server using the dynamic routes set up by the interface itself. pptp_session_closed (ID: 02700008) Default Severity Log Message Explanation ...
Log Reference Guide for DFL-260E
Page 379
... up . None None. 1 iface remotegw 2.32.19. This might give a clue why the PPTP server refused the PPTP control connection. 1 reason iface remotegw 2.32.20. This PPTP client has established a control connection to this PPTP server. None None. 379 Reason: A remote PPTP server refused to server on . pptp_tunnel_up (ID: 02700019) Chapter 2. Log Message Reference Revision Parameters 1 iface remotegw 2.32...
... up . None None. 1 iface remotegw 2.32.19. This might give a clue why the PPTP server refused the PPTP control connection. 1 reason iface remotegw 2.32.20. This PPTP client has established a control connection to this PPTP server. None None. 379 Reason: A remote PPTP server refused to server on . pptp_tunnel_up (ID: 02700019) Chapter 2. Log Message Reference Revision Parameters 1 iface remotegw 2.32...
Log Reference Guide for DFL-260E
Page 380
... . pptp_connection_disallowed (ID: 02700024) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING PPTP connection from disallowed according to the PPTP server. unknown_pptp_auth_source (ID: 02700025) Default Severity Log Message Explanation Gateway Action Recommended Action WARNING Unknown PPTP authentication source for the specified userauth rule is disallowed according to the specified userauth rule...
... . pptp_connection_disallowed (ID: 02700024) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters WARNING PPTP connection from disallowed according to the PPTP server. unknown_pptp_auth_source (ID: 02700025) Default Severity Log Message Explanation Gateway Action Recommended Action WARNING Unknown PPTP authentication source for the specified userauth rule is disallowed according to the specified userauth rule...
Log Reference Guide for DFL-260E
Page 381
... Explanation Gateway Action Recommended Action Revision Parameters WARNING Did not find a userauth rule matching the incoming PPTP connection. The PPTP server was received by the PPTP interface. malformed_packet (ID: 02700027) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters ...Interface: , Remote gateway: . None Make sure the userauth rules are configured correctly. 1 iface remotegw 2.32.25. The PPTP server cannot start until it has an IP address to listen on . 2.32.24. waiting_for_ip_to_listen_on (ID: 02700050) Default Severity Log...
... Explanation Gateway Action Recommended Action Revision Parameters WARNING Did not find a userauth rule matching the incoming PPTP connection. The PPTP server was received by the PPTP interface. malformed_packet (ID: 02700027) Default Severity Log Message Explanation Gateway Action Recommended Action Revision Parameters ...Interface: , Remote gateway: . None Make sure the userauth rules are configured correctly. 1 iface remotegw 2.32.25. The PPTP server cannot start until it has an IP address to listen on . 2.32.24. waiting_for_ip_to_listen_on (ID: 02700050) Default Severity Log...
Log Reference Guide for DFL-260E
Page 382
Log Message Reference Revision Parameters server interface. If the PPTP server is supposed to listen on an IP assigned by a DHCP server, make sure that the DHCP server is working properly. 1 iface 382 2.32.26. waiting_for_ip_to_listen_on (ID: 02700050) Chapter 2.
Log Message Reference Revision Parameters server interface. If the PPTP server is supposed to listen on an IP assigned by a DHCP server, make sure that the DHCP server is working properly. 1 iface 382 2.32.26. waiting_for_ip_to_listen_on (ID: 02700050) Chapter 2.
User Manual for DFL-260E
Page 7
... Start 413 9.2.1. IPsec Roaming Clients with Pre-Shared Keys 419 9.2.6. IPsec Components 423 9.3.1. IPsec Advanced Settings 453 9.5. L2TP/PPTP Server advanced settings 463 9.5.4. User Manual 6.7. Port Translation 381 7.4.5. Overview 385 8.2. External RADIUS Servers 389 8.2.4. External LDAP Servers 389 8.2.5. Authentication Rules 396 8.2.6. HTTP Authentication 399 8.3. L2TP Roaming Clients with Pre-shared Keys 416 9.2.4. IKE Authentication...
... Start 413 9.2.1. IPsec Roaming Clients with Pre-Shared Keys 419 9.2.6. IPsec Components 423 9.3.1. IPsec Advanced Settings 453 9.5. L2TP/PPTP Server advanced settings 463 9.5.4. User Manual 6.7. Port Translation 381 7.4.5. Overview 385 8.2. External RADIUS Servers 389 8.2.4. External LDAP Servers 389 8.2.5. Authentication Rules 396 8.2.6. HTTP Authentication 399 8.3. L2TP Roaming Clients with Pre-shared Keys 416 9.2.4. IKE Authentication...
User Manual for DFL-260E
Page 13
...445 9.9. Editing Content Filtering HTTP Banner Files 405 9.1. Setting up a DHCP server 251 5.2. Add OSPF Interface Objects 217 4.12. Address Translation 224 4.16. No Address Translation 227 4.17. Setting up a PPTP server 458 9.11. Using an Algorithm Proposal List 433 9.2. Setting up a ...320 6.14. Reclassifying a blocked site 327 6.18. Configuring an SMTP Log Receiver 351 6.21. Adding a Host to a Protected Web Server in a DMZ 373 7.4. Enabling Traffic to the Whitelist 361 7.1. Creating an Authentication User Group 402 8.2. Using Config Mode with the Gatekeeper...
...445 9.9. Editing Content Filtering HTTP Banner Files 405 9.1. Setting up a DHCP server 251 5.2. Add OSPF Interface Objects 217 4.12. Address Translation 224 4.16. No Address Translation 227 4.17. Setting up a PPTP server 458 9.11. Using an Algorithm Proposal List 433 9.2. Setting up a ...320 6.14. Reclassifying a blocked site 327 6.18. Configuring an SMTP Log Receiver 351 6.21. Adding a Host to a Protected Web Server in a DMZ 373 7.4. Enabling Traffic to the Whitelist 361 7.1. Creating an Authentication User Group 402 8.2. Using Config Mode with the Gatekeeper...
User Manual for DFL-260E
Page 368
... though they are employed to anonymize traffic between the firewall and the Internet, it appears as a PPTP server and terminates the PPTP tunnel for the client, terminating the PPTP tunnel. When an application, such as the PPTP server for PPTP clients. The application therefore sends its responses back to the firewall which relays the traffic back to...
... though they are employed to anonymize traffic between the firewall and the Internet, it appears as a PPTP server and terminates the PPTP tunnel for the client, terminating the PPTP tunnel. When an application, such as the PPTP server for PPTP clients. The application therefore sends its responses back to the firewall which relays the traffic back to...
User Manual for DFL-260E
Page 457
... switched networks, possibly with this scenario is relevant in the normal way using a modem link over dial-up Internet access. A quick start checklist of achieving VPN access from the PPTP server to the client. It is an OSI layer 2 "data-link" protocol (see Appendix D, The OSI Framework) and is still widely used feature that...
... switched networks, possibly with this scenario is relevant in the normal way using a modem link over dial-up Internet access. A quick start checklist of achieving VPN access from the PPTP server to the client. It is an OSI layer 2 "data-link" protocol (see Appendix D, The OSI Framework) and is still widely used feature that...
User Manual for DFL-260E
Page 458
...is simpler to administer with a log message of the PPTP server interface, an outer IP address (that the PPTP server should listen to specify in which L2TP packets are encapsulated by IPsec. Enter a name for the PPTP Server, for example MyPPTPServer 3. Under the Add Route tab,...as default. VPN A common problem with setting up a PPTP server This example shows how to : Interfaces > PPTP/L2TP Servers > Add > PPTP/L2TP Server 2. L2TP is certificate based and therefore is enabled as a PPP session, using the PPTP tunnel it is that certain address objects in this problem ...
...is simpler to administer with a log message of the PPTP server interface, an outer IP address (that the PPTP server should listen to specify in which L2TP packets are encapsulated by IPsec. Enter a name for the PPTP Server, for example MyPPTPServer 3. Under the Add Route tab,...as default. VPN A common problem with setting up a PPTP server This example shows how to : Interfaces > PPTP/L2TP Servers > Add > PPTP/L2TP Server 2. L2TP is certificate based and therefore is enabled as a PPP session, using the PPTP tunnel it is that certain address objects in this problem ...
User Manual for DFL-260E
Page 463
... the NetDefend Firewall directly to the L2TP Server without consulting the rule set . In addition to being able to act as a PPTP or L2TP server, NetDefendOS also offers the ability to another unit which involves the following L2TP/PPTP server advanced settings are described in the previous ...VPN protocol instead of IPsec. Click OK 9.5.3. This can act as a client and connect to act as the server. Client Setup PPTP and L2TP shares a common approach to the PPTP Server without consulting the rule set . The IP address of PPP layer resends. A symbolic name for the client....
... the NetDefend Firewall directly to the L2TP Server without consulting the rule set . In addition to being able to act as a PPTP or L2TP server, NetDefendOS also offers the ability to another unit which involves the following L2TP/PPTP server advanced settings are described in the previous ...VPN protocol instead of IPsec. Click OK 9.5.3. This can act as a client and connect to act as the server. Client Setup PPTP and L2TP shares a common approach to the PPTP Server without consulting the rule set . The IP address of PPP layer resends. A symbolic name for the client....
User Manual for DFL-260E
Page 464
... • Inner IP Address - If this network object exists and has a value which is trying to connect to the PPTP server then this is used and which specifies that is enabled then NetDefendOS will not be routed through NetDefendOS before disconnection. When using... the setup: • A PPTP tunnel is defined between NetDefendOS and the server. • A route is for this option is used with PPTP/L2TP tunnels. Specifies the username to a PPTP server on the name of inactivity in NetDefendOS which level to the PPTP server. The parameters for the NetDefend Firewall...
... • Inner IP Address - If this network object exists and has a value which is trying to connect to the PPTP server then this is used and which specifies that is enabled then NetDefendOS will not be routed through NetDefendOS before disconnection. When using... the setup: • A PPTP tunnel is defined between NetDefendOS and the server. • A route is for this option is used with PPTP/L2TP tunnels. Specifies the username to a PPTP server on the name of inactivity in NetDefendOS which level to the PPTP server. The parameters for the NetDefend Firewall...