Product Manual
Page 3
... 32 Configure Intrusion Detection 32 Configure Intrusion Prevention 33 Port mapping / Virtual Servers 34 Add a new mapping 34 Delete mapping 35 Administrative users 36 Add Administrative User 36 Change Administrative User Access level 37 Change Administrative User Password 37 Delete Administrative User 38 Users 39 The DFL-700 RADIUS Support 39 Enable User Authentication via HTTP...
... 32 Configure Intrusion Detection 32 Configure Intrusion Prevention 33 Port mapping / Virtual Servers 34 Add a new mapping 34 Delete mapping 35 Administrative users 36 Add Administrative User 36 Change Administrative User Access level 37 Change Administrative User Password 37 Delete Administrative User 38 Users 39 The DFL-700 RADIUS Support 39 Enable User Authentication via HTTP...
Product Manual
Page 34
...same way as with policies. Destination IP: Leave empty to use Intrusion Detection / Prevention on Port mapped services. Note: Refer to Appendix C of the manual for this step. Port mapping / Virtual Servers The Port mapping / Virtual Servers configuration section is where you can configure virtual servers (such as a LAN ... that the traffic should be used mainly as a rule reference in log data and for this mapping to match. Click on the Add new link. Choose Always for the policy. Mappings are applied in the policy list. Pass To: The IP of usernames, separated by a comma...
...same way as with policies. Destination IP: Leave empty to use Intrusion Detection / Prevention on Port mapped services. Note: Refer to Appendix C of the manual for this step. Port mapping / Virtual Servers The Port mapping / Virtual Servers configuration section is where you can configure virtual servers (such as a LAN ... that the traffic should be used mainly as a rule reference in log data and for this mapping to match. Click on the Add new link. Choose Always for the policy. Mappings are applied in the policy list. Pass To: The IP of usernames, separated by a comma...
Product Manual
Page 67
...-up window appears, choose the destination place in the menu bar, and then click Backup below it. Step 2. Restoring the DFL-700's Configuration Follow these steps to export the configuration. When the configuration process is completed, a system administrator can download the configuration file.... The configuration file stores system settings, IP addresses of the firewall's network interfaces, address table, service table, IPSec settings, port mapping, and policies. Under the Tools menu and the Backup section, click on the Browse button next to the empty field. Under...
...-up window appears, choose the destination place in the menu bar, and then click Backup below it. Step 2. Restoring the DFL-700's Configuration Follow these steps to export the configuration. When the configuration process is completed, a system administrator can download the configuration file.... The configuration file stores system settings, IP addresses of the firewall's network interfaces, address table, service table, IPSec settings, port mapping, and policies. Under the Tools menu and the Backup section, click on the Browse button next to the empty field. Under...
Product Manual
Page 115
To set up intrusion detection and prevention to the DMZ interface on the DMZ net, follow these steps: 1. In this example we are connected to a web server on the firewall. The policy setup is quite similar. In this example a mail server with IP 192.168.2.4 and a web server with IP 192.168.2.5 are using a port mapping. Intrusion Detection and Prevention Intrusion detection and prevention can be enabled for the web server, Firewall->Port Mapping: Under Configured mappings, click Add new Create a Port mapping for both policies and port mappings.
To set up intrusion detection and prevention to the DMZ interface on the DMZ net, follow these steps: 1. In this example we are connected to a web server on the firewall. The policy setup is quite similar. In this example a mail server with IP 192.168.2.4 and a web server with IP 192.168.2.5 are using a port mapping. Intrusion Detection and Prevention Intrusion detection and prevention can be enabled for the web server, Firewall->Port Mapping: Under Configured mappings, click Add new Create a Port mapping for both policies and port mappings.
Product Manual
Page 116
Set up the newly created port mapping: Name the rule map_www Select service http-in-all Enter pass to IP: 192.168.2.5 (the IP of the web server) Check the Intrusion detection / prevention option Select mode Prevention Enable email alerting by checking the Alerting box Click Apply 116 2.
Set up the newly created port mapping: Name the rule map_www Select service http-in-all Enter pass to IP: 192.168.2.5 (the IP of the web server) Check the Intrusion detection / prevention option Select mode Prevention Enable email alerting by checking the Alerting box Click Apply 116 2.
Product Manual
Page 121
... is to map two internal web servers (port 80) to two Public IP addresses provided by the DFL-700; This can be accomplished in two basic steps (order does not matter): add a Port Mapping/Virtual Server ....80.80 80.80.80.80 80.80.80.81 80.80.80.82 The DFL-700 provides a physical DMZ network interface specifically for this purpose. Host Interface Firewall LAN Firewall...either internal interface can be accessible through vulnerabilities related to software, an attacker would not be mapped. This will ensure that if one of servers accessible to directly access the private internal ...
... is to map two internal web servers (port 80) to two Public IP addresses provided by the DFL-700; This can be accomplished in two basic steps (order does not matter): add a Port Mapping/Virtual Server ....80.80 80.80.80.80 80.80.80.81 80.80.80.82 The DFL-700 provides a physical DMZ network interface specifically for this purpose. Host Interface Firewall LAN Firewall...either internal interface can be accessible through vulnerabilities related to software, an attacker would not be mapped. This will ensure that if one of servers accessible to directly access the private internal ...
Product Manual
Page 122
Create two port mappings (one for each private Server) Routing configuration: Static Route Configuration for each public IP mapping to each public IP we need to create the first static route. Enable the Proxy ARP feature. Select the Add New link to create the following firewall settings: - Select the Interface that the additional Public IP...
Create two port mappings (one for each private Server) Routing configuration: Static Route Configuration for each public IP mapping to each public IP we need to create the first static route. Enable the Proxy ARP feature. Select the Add New link to create the following firewall settings: - Select the Interface that the additional Public IP...
Product Manual
Page 124
Select the Service to be forwarded in the Pass To field. Configure Scheduling, IDS/IDP, and/or Bandwidth Management if desired. Input the Public IP address to be forwarded to create a new Port Mapping. Enter the Private IP of the Web-based configuration. Configure Port Mapping/Virtual Server Rules for LAN Server: Virtual Server Configuration for a Server on the LAN: Navigate to save the configuration. 124 Click Apply to the FIREWALL tab, PORT MAPPING page of the Server in the Destination IP field. Click the Add New link to the Internal Server (pre-defined or custom).
Select the Service to be forwarded in the Pass To field. Configure Scheduling, IDS/IDP, and/or Bandwidth Management if desired. Input the Public IP address to be forwarded to create a new Port Mapping. Enter the Private IP of the Web-based configuration. Configure Port Mapping/Virtual Server Rules for LAN Server: Virtual Server Configuration for a Server on the LAN: Navigate to save the configuration. 124 Click Apply to the FIREWALL tab, PORT MAPPING page of the Server in the Destination IP field. Click the Add New link to the Internal Server (pre-defined or custom).
Product Manual
Page 125
...on the DMZ: Navigate to the FIREWALL tab, PORT MAPPING page of the Server in use. Select the Service to be mapped to the Internal Server (pre-defined or custom). Click Apply to create a new Port Mapping. Click the Add New link to save the configuration. Click Activate Changes to be.... Not all Protocols will work through NAT, so be forwarded in mind that this configuration uses Network Address Translation. Configure Port Mapping/Virtual Server Rules for DMZ Server: Virtual Server Configuration for access from Public Hosts. Configure Scheduling, IDS/IDP, or Bandwidth Management if...
...on the DMZ: Navigate to the FIREWALL tab, PORT MAPPING page of the Server in use. Select the Service to be mapped to the Internal Server (pre-defined or custom). Click Apply to create a new Port Mapping. Click the Add New link to save the configuration. Click Activate Changes to be.... Not all Protocols will work through NAT, so be forwarded in mind that this configuration uses Network Address Translation. Configure Port Mapping/Virtual Server Rules for DMZ Server: Virtual Server Configuration for access from Public Hosts. Configure Scheduling, IDS/IDP, or Bandwidth Management if...