Product Manual
Page 2
Using PPTP 18 WAN Interface Settings - Using L2TP 19 WAN Interface Settings - Using DHCP 16 WAN Interface Settings - Using PPPoE 17 WAN Interface Settings - Using BigPond 20 ... - Contents Introduction 7 Features and Benefits 7 Introduction to Firewalls 7 Introduction to Local Area Networking 8 LEDs ...9 Physical Connections 9 Package Contents 10 System Requirements 10 Managing D-Link DFL-700 11 Resetting the DFL-700 11 Administration Settings 12 Administrative Access 12 Add ping access to an interface 13 Add Admin access to an interface 13 Add Read-only...
Using PPTP 18 WAN Interface Settings - Using L2TP 19 WAN Interface Settings - Using DHCP 16 WAN Interface Settings - Using PPPoE 17 WAN Interface Settings - Using BigPond 20 ... - Contents Introduction 7 Features and Benefits 7 Introduction to Firewalls 7 Introduction to Local Area Networking 8 LEDs ...9 Physical Connections 9 Package Contents 10 System Requirements 10 Managing D-Link DFL-700 11 Resetting the DFL-700 11 Administration Settings 12 Administrative Access 12 Add ping access to an interface 13 Add Admin access to an interface 13 Add Read-only...
Product Manual
Page 3
...users 36 Add Administrative User 36 Change Administrative User Access level 37 Change Administrative User Password 37 Delete Administrative User 38 Users 39 The DFL-700 RADIUS Support 39 Enable User Authentication via HTTP / HTTPS 40 Enable RADIUS Support 40 Add User ...41 Change User Password 41 Delete ... Service 45 Adding IP Protocol 46 Grouping Services 46 Protocol-independent settings 47 VPN...48 Introduction to IPSec 48 Introduction to PPTP 48 Introduction to L2TP 49 Point-to-Point Protocol 49 Authentication Protocols 50 MPPE, Microsoft Point-To-Point Encryption 50 L2TP...
...users 36 Add Administrative User 36 Change Administrative User Access level 37 Change Administrative User Password 37 Delete Administrative User 38 Users 39 The DFL-700 RADIUS Support 39 Enable User Authentication via HTTP / HTTPS 40 Enable RADIUS Support 40 Add User ...41 Change User Password 41 Delete ... Service 45 Adding IP Protocol 46 Grouping Services 46 Protocol-independent settings 47 VPN...48 Introduction to IPSec 48 Introduction to PPTP 48 Introduction to L2TP 49 Point-to-Point Protocol 49 Authentication Protocols 50 MPPE, Microsoft Point-To-Point Encryption 50 L2TP...
Product Manual
Page 4
... Disable DNS Relayer 64 Tools 65 Ping ...65 Ping Example 65 Dynamic DNS 66 Add Dynamic DNS Settings 66 Backup 67 Exporting the DFL-700's Configuration 67 Restoring the DFL-700's Configuration 67 Restart/Reset 68 4 IPSec VPN between two networks 53 Creating a LAN-to-LAN IPSec VPN Tunnel 53 VPN between client and...
... Disable DNS Relayer 64 Tools 65 Ping ...65 Ping Example 65 Dynamic DNS 66 Add Dynamic DNS Settings 66 Backup 67 Exporting the DFL-700's Configuration 67 Restoring the DFL-700's Configuration 67 Restart/Reset 68 4 IPSec VPN between two networks 53 Creating a LAN-to-LAN IPSec VPN Tunnel 53 VPN between client and...
Product Manual
Page 5
... CONN events 78 Step by Step Guides 79 LAN-to-LAN VPN using IPSec 80 Settings for Main office 82 LAN-to-LAN VPN using PPTP 84 Settings for Main office 86 LAN-to-LAN VPN using L2TP 90 Settings for Branch office 90 Settings for Main office 93 A more... secure LAN-to-LAN VPN solution 97 Settings for Branch office 97 Settings for Main office 100 Windows XP client and PPTP server 101 Settings for the Windows XP client 101 Settings for Main office 108 Windows...
... CONN events 78 Step by Step Guides 79 LAN-to-LAN VPN using IPSec 80 Settings for Main office 82 LAN-to-LAN VPN using PPTP 84 Settings for Main office 86 LAN-to-LAN VPN using L2TP 90 Settings for Branch office 90 Settings for Main office 93 A more... secure LAN-to-LAN VPN solution 97 Settings for Branch office 97 Settings for Main office 100 Windows XP client and PPTP server 101 Settings for the Windows XP client 101 Settings for Main office 108 Windows...
Product Manual
Page 7
... with AES encryption in addition to PPTP and IPSec over the Internet. In addition the DFL-700 also provides a user-friendly Web UI that data is then checked against a set system parameters or monitor network activities using a Web browser supporting Java. Or a firewall can also run specific security functions based on the type of...
... with AES encryption in addition to PPTP and IPSec over the Internet. In addition the DFL-700 also provides a user-friendly Web UI that data is then checked against a set system parameters or monitor network activities using a Web browser supporting Java. Or a firewall can also run specific security functions based on the type of...
Product Manual
Page 18
...WAN interface. Using PPTP PPTP over . This IP is used to access the Internet. 18 Your ISP should supply this information needs to . If using static IP, this information. • Username - You can be input. The IP of the actual physical interface that the DFL-700 will connect to be... filled in some DSL and cable modem networks. WAN Interface Settings - You need to enter your ISP, the physical (WAN) interface parameters must be used to connect to you by your ISP. • PPTP Server IP - The login...
...WAN interface. Using PPTP PPTP over . This IP is used to access the Internet. 18 Your ISP should supply this information needs to . If using static IP, this information. • Username - You can be input. The IP of the actual physical interface that the DFL-700 will connect to be... filled in some DSL and cable modem networks. WAN Interface Settings - You need to enter your ISP, the physical (WAN) interface parameters must be used to connect to you by your ISP. • PPTP Server IP - The login...
Product Manual
Page 48
... make a VPN connection. Just fill in the IKE negotiation. A PPTP based VPN is used to provide IP security at least two SA per IPSec connection. The other remote access companies known collectively as that of the DFL-700, is made up an IPSec Virtual Private Network (VPN), you do... can be accomplished in a number of methods used to provide IP security at the network layer. IPSec, Internet Protocol Security, is a set of Security Associations (SA), for each connection. An IPSec based VPN, such as the PPTP Forum, is the initial negotiation phase, where the two VPN endpoints agree...
... make a VPN connection. Just fill in the IKE negotiation. A PPTP based VPN is used to provide IP security at least two SA per IPSec connection. The other remote access companies known collectively as that of the DFL-700, is made up an IPSec Virtual Private Network (VPN), you do... can be accomplished in a number of methods used to provide IP security at the network layer. IPSec, Internet Protocol Security, is a set of Security Associations (SA), for each connection. An IPSec based VPN, such as the PPTP Forum, is the initial negotiation phase, where the two VPN endpoints agree...
Product Manual
Page 49
...transport between two peers. Introduction to L2TP L2TP, Layer 2 Tunneling Protocol, a combination of Microsoft's PPTP and Cisco's L2F (Layer 2 Forwarding), is used to provide IP security at least one of the peers has to authenticate itself before the network layer protocol parameters can ...Control Protocol (NCP) to establish and negotiate different network layer protocols (DFL-700 only supports IP) • Data encapsulation to encapsulate datagram's over the link. When LCP and NCP negotiation is used to -point links. If authentication is done, IP datagram's can be sent over point-...
...transport between two peers. Introduction to L2TP L2TP, Layer 2 Tunneling Protocol, a combination of Microsoft's PPTP and Cisco's L2F (Layer 2 Forwarding), is used to provide IP security at least one of the peers has to authenticate itself before the network layer protocol parameters can ...Control Protocol (NCP) to establish and negotiate different network layer protocols (DFL-700 only supports IP) • Data encapsulation to encapsulate datagram's over the link. When LCP and NCP negotiation is used to -point links. If authentication is done, IP datagram's can be sent over point-...
Product Manual
Page 51
Password/Confirm Password - Specifies if the L2TP/PPTP Client tunnel should use IPSec enable the checkbox and select PSK or Certificate. If enabled the tunnel will be sent over the PPP link unencrypted. Refer to be using IPSec instead of None means that data will only be persistent (always on ...for data encryption. Authentication protocol - If configuring for L2TP, you most likely will be initiated when needed. Specify the username for this PPTP/L2TP Client tunnel. Dial on ). To use a Static IP or obtain a dynamic IP from the server. The password to use for this...
Password/Confirm Password - Specifies if the L2TP/PPTP Client tunnel should use IPSec enable the checkbox and select PSK or Certificate. If enabled the tunnel will be sent over the PPP link unencrypted. Refer to be using IPSec instead of None means that data will only be persistent (always on ...for data encryption. Authentication protocol - If configuring for L2TP, you most likely will be initiated when needed. Specify the username for this PPTP/L2TP Client tunnel. Dial on ). To use a Static IP or obtain a dynamic IP from the server. The password to use for this...
Product Manual
Page 52
... a name for this field Blank for the LAN IP. Specifies the IP that are used with PPTP). If utilizing the DNS Relay function, be using IPSec instead of MPPE for L2TP/PPTP Server Configuration Name - MPPE encryption - Require IPSec encryption - If configuring for L2TP, you most likely...is used in Microsoft environments which authentication protocol to clients. Information related to ensure proper DNS info. Refer to be sent over the PPP link unencrypted. If MPPE encryption is to the Authentication Protocols section for the WAN IP. Inner IP - An IP range, group or entire...
... a name for this field Blank for the LAN IP. Specifies the IP that are used with PPTP). If utilizing the DNS Relay function, be using IPSec instead of MPPE for L2TP/PPTP Server Configuration Name - MPPE encryption - Require IPSec encryption - If configuring for L2TP, you most likely...is used in Microsoft environments which authentication protocol to clients. Information related to ensure proper DNS info. Refer to be sent over the PPP link unencrypted. If MPPE encryption is to the Authentication Protocols section for the WAN IP. Inner IP - An IP range, group or entire...
Product Manual
Page 55
... numbers (0-9) and upper and lower case letters (A-Z, a-z), and the special characters '' and '_'. If you are using IPSec encryption for the L2TP or PPTP Client, choose the appropriate authentication type, either PSK (Pre-shared Key) or Certificate-based. The name can contain numbers (09) and upper and lower...'s on the WAN IP. Step 4. If you are using IPSec encryption for this should be handed out to L2TP or PPTP Clients. Adding an L2TP/PPTP VPN Server Follow these steps to discard changes. Click the Apply button below to apply the change or click Cancel to add...
... numbers (0-9) and upper and lower case letters (A-Z, a-z), and the special characters '' and '_'. If you are using IPSec encryption for the L2TP or PPTP Client, choose the appropriate authentication type, either PSK (Pre-shared Key) or Certificate-based. The name can contain numbers (09) and upper and lower...'s on the WAN IP. Step 4. If you are using IPSec encryption for this should be handed out to L2TP or PPTP Clients. Adding an L2TP/PPTP VPN Server Follow these steps to discard changes. Click the Apply button below to apply the change or click Cancel to add...
Product Manual
Page 76
.... all interfaces where HTTP and HTTPS authentication is possible is listed. 76 A window will be able to log out by clicking logout. Users Click on PPTP and L2TP servers will be listed here. Currently recognized privileges - Users can be forced to use HTTP and HTTPS authentication. Interfaces where authentication are listed...
.... all interfaces where HTTP and HTTPS authentication is possible is listed. 76 A window will be able to log out by clicking logout. Users Click on PPTP and L2TP servers will be listed here. Currently recognized privileges - Users can be forced to use HTTP and HTTPS authentication. Interfaces where authentication are listed...
Product Manual
Page 84
Setup interfaces, System->Interfaces: WAN IP: 194.0.2.10 LAN IP: 192.168.4.1, Subnet mask: 255.255.255.0 2. LAN-to-LAN VPN using PPTP Settings for Branch office 1. Setup PPTP client, Firewall->VPN: Under PPTP/L2TP clients click Add new PPTP client Name the tunnel toMainOffice 84
Setup interfaces, System->Interfaces: WAN IP: 194.0.2.10 LAN IP: 192.168.4.1, Subnet mask: 255.255.255.0 2. LAN-to-LAN VPN using PPTP Settings for Branch office 1. Setup PPTP client, Firewall->VPN: Under PPTP/L2TP clients click Add new PPTP client Name the tunnel toMainOffice 84
Product Manual
Page 87
Setup PPTP server, Firewall->VPN: Under L2TP / PPTP Server click Add new PPTP server Name the server pptpServer Leave Outer IP and Inner IP blank Set client IP pool to 192.168.1.100 - 192.168.1.199 Check Proxy ARP dynamically added routes Check Use unit's own DNS relayer addresses Leave WINS settings blank 2.
Setup PPTP server, Firewall->VPN: Under L2TP / PPTP Server click Add new PPTP server Name the server pptpServer Leave Outer IP and Inner IP blank Set client IP pool to 192.168.1.100 - 192.168.1.199 Check Proxy ARP dynamically added routes Check Use unit's own DNS relayer addresses Leave WINS settings blank 2.
Product Manual
Page 89
... new user BranchOffice Enter password: 1234567890 Retype password: 1234567890 Leave static client IP empty (could also be set here the IP pool from the PPTP server settings are used). This example will allow all traffic between the two offices. Set Networks behind user to 192.168.1.200. If no... IP is set to 192.168.4.0/24 Click Apply 6. To get a more secure solution read the A more secure LAN-to restart. 4. Set up the authentication source, Firewall->Users: Select Local database Click Apply 5. Click Activate and wait for the firewall...
... new user BranchOffice Enter password: 1234567890 Retype password: 1234567890 Leave static client IP empty (could also be set here the IP pool from the PPTP server settings are used). This example will allow all traffic between the two offices. Set Networks behind user to 192.168.1.200. If no... IP is set to 192.168.4.0/24 Click Apply 6. To get a more secure solution read the A more secure LAN-to restart. 4. Set up the authentication source, Firewall->Users: Select Local database Click Apply 5. Click Activate and wait for the firewall...
Product Manual
Page 90
Setup L2TP client, Firewall->VPN: Under L2TP / PPTP client click Add new L2TP client Name the server toMainOffice 90 LAN-to-LAN VPN using L2TP Settings for Branch office 1. Setup interfaces, System->Interfaces: WAN IP: 194.0.2.10 LAN IP: 192.168.4.1, Subnet mask: 255.255.255.0 2.
Setup L2TP client, Firewall->VPN: Under L2TP / PPTP client click Add new L2TP client Name the server toMainOffice 90 LAN-to-LAN VPN using L2TP Settings for Branch office 1. Setup interfaces, System->Interfaces: WAN IP: 194.0.2.10 LAN IP: 192.168.4.1, Subnet mask: 255.255.255.0 2.
Product Manual
Page 93
Setup L2TP server, Firewall->VPN: Under L2TP / PPTP Server click Add new L2TP server Name the server l2tpServer Leave Outer IP and Inner IP blank Set client IP pool to 192.168.1.100 - 192.168.1.199 Check Proxy ARP dynamically added routes Check Use unit's own DNS relayer addresses Leave WINS settings blank Setup interfaces, System->Interfaces: WAN IP: 194.0.2.20 LAN IP: 192.168.1.1, Subnet mask: 255.255.255.0 2. Settings for Main office 1.
Setup L2TP server, Firewall->VPN: Under L2TP / PPTP Server click Add new L2TP server Name the server l2tpServer Leave Outer IP and Inner IP blank Set client IP pool to 192.168.1.100 - 192.168.1.199 Check Proxy ARP dynamically added routes Check Use unit's own DNS relayer addresses Leave WINS settings blank Setup interfaces, System->Interfaces: WAN IP: 194.0.2.20 LAN IP: 192.168.1.1, Subnet mask: 255.255.255.0 2. Settings for Main office 1.
Product Manual
Page 101
If you are using the Category view, click on the Network and Internet Connections icon. Click next. Under Network task, click Create a new connection 4. The New connection wizard window opens up. Then click Create a connection to step 6. If you are using the Classic view, click on your workplace and continue to the network on the Network Connections icon. 3. Windows XP client and PPTP server Settings for the Windows XP client 1. Open the control panel (Start button -> Control panel). 2.
If you are using the Category view, click on the Network and Internet Connections icon. Click next. Under Network task, click Create a new connection 4. The New connection wizard window opens up. Then click Create a connection to step 6. If you are using the Classic view, click on your workplace and continue to the network on the Network Connections icon. 3. Windows XP client and PPTP server Settings for the Windows XP client 1. Open the control panel (Start button -> Control panel). 2.
Product Manual
Page 108
13. All settings needed for Main office 1. Once we have configured the server on the firewall you should be able to click Connect to establish the connection to PPTP VPN. Click OK. Settings for the XP client are now complete. Setup interfaces, System->Interfaces: WAN IP: 194.0.2.20 LAN IP: 192.168.1.1, Subnet mask: 255.255.255.0 108 Select the Networking tab and change Type of VPN to the Main office.
13. All settings needed for Main office 1. Once we have configured the server on the firewall you should be able to click Connect to establish the connection to PPTP VPN. Click OK. Settings for the XP client are now complete. Setup interfaces, System->Interfaces: WAN IP: 194.0.2.20 LAN IP: 192.168.1.1, Subnet mask: 255.255.255.0 108 Select the Networking tab and change Type of VPN to the Main office.
Product Manual
Page 109
...the new user HomeUser Enter password: 1234567890 Retype password: 1234567890 Leave static client IP empty (could also be set here the IP pool from the PPTP server settings are used). Setup policies for the firewall to restart. Click Apply 6. 2. Set up authentication source, Firewall->Users: Select Local database ... should be the only checked option. Under MPPE encryption 128 bit should be the only checked option. Setup PPTP server, Firewall->VPN: Under L2TP / PPTP Server click Add new PPTP server Name the server pptpServer Leave Outer IP and Inner IP blank Set client IP pool to eg 192...
...the new user HomeUser Enter password: 1234567890 Retype password: 1234567890 Leave static client IP empty (could also be set here the IP pool from the PPTP server settings are used). Setup policies for the firewall to restart. Click Apply 6. 2. Set up authentication source, Firewall->Users: Select Local database ... should be the only checked option. Under MPPE encryption 128 bit should be the only checked option. Setup PPTP server, Firewall->VPN: Under L2TP / PPTP Server click Add new PPTP server Name the server pptpServer Leave Outer IP and Inner IP blank Set client IP pool to eg 192...