User Manual
Page 4
... management. The DMZ interface connects to connect with an external router, DSL modem, or Cable modem. It also provides an easily operated software WebUI which allows users to the Administrator automatically for the DMZ network. All configurations and management are (4) Internal/LAN, (1) External/WAN, and (1) DMZ port. DFL-80 monitoring function The firewall provides monitoring functions which contains traffic log, event log, traffic alarm, event alarm, and traffic statistics. System Administrators can be set system parameters or monitor network activities using an Internet web...
... management. The DMZ interface connects to connect with an external router, DSL modem, or Cable modem. It also provides an easily operated software WebUI which allows users to the Administrator automatically for the DMZ network. All configurations and management are (4) Internal/LAN, (1) External/WAN, and (1) DMZ port. DFL-80 monitoring function The firewall provides monitoring functions which contains traffic log, event log, traffic alarm, event alarm, and traffic statistics. System Administrators can be set system parameters or monitor network activities using an Internet web...
User Manual
Page 5
Internal Ports (LAN): Use this port to connect to the internal network of the power supply to this port, the other end to the electrical wall outlet. 5 Hardware Description DMZ Port: Use this port to connect to the external router, DSL modem, or Cable modem. Reset: Reset the DFL-80 to the Internet (FTP, SNMP, HTTP, DNS). DC Power: connect one end of the office. External Port (WAN): Use this port to connect to the company's server(s), which needs direct connection to the original default settings.
Internal Ports (LAN): Use this port to connect to the internal network of the power supply to this port, the other end to the electrical wall outlet. 5 Hardware Description DMZ Port: Use this port to connect to the external router, DSL modem, or Cable modem. Reset: Reset the DFL-80 to the Internet (FTP, SNMP, HTTP, DNS). DC Power: connect one end of the office. External Port (WAN): Use this port to connect to the company's server(s), which needs direct connection to the original default settings.
User Manual
Page 6
Software Management DFL-80 management tool: Web User Interface The main menu functions are : Administrator, Configuration, Address, Service, Schedule, Policy, VPN, Virtual Server, Log, Alarm, Statistics, and Status. 6 The main functions include 12 items, which are located on the left-hand side of the screen, and the display window will be on the right-hand side.
Software Management DFL-80 management tool: Web User Interface The main menu functions are : Administrator, Configuration, Address, Service, Schedule, Policy, VPN, Virtual Server, Log, Alarm, Statistics, and Status. 6 The main functions include 12 items, which are located on the left-hand side of the screen, and the display window will be on the right-hand side.
User Manual
Page 7
... the DFL-80. Username: admin Password: admin 7 These addresses may not be used for the connection. Make sure there is shipped with a subnet mask of private IP addresses. Therefore, the IP address of 192.168.1.0, (i.e. If the company's internal IP Address is 172.16.0.1) the Administrator must be within the same range of the Administrator (see below). By default, the DFL-80 Firewall is a link light for management and configuration. A pop-up an Internet web browser and type...
... the DFL-80. Username: admin Password: admin 7 These addresses may not be used for the connection. Make sure there is shipped with a subnet mask of private IP addresses. Therefore, the IP address of 192.168.1.0, (i.e. If the company's internal IP Address is 172.16.0.1) the Administrator must be within the same range of the Administrator (see below). By default, the DFL-80 Firewall is a link light for management and configuration. A pop-up an Internet web browser and type...
User Manual
Page 8
...of user access to default factory settings. or restore the firewall back to the firewall. The System Administrator can be synchronized either with an Internet Time Server or with the latest fixes for intruder invasions. Up to change passwords. Administrators may update the DFL-80 firmware to download the latest firmware. Administrators may enable e-mail alert notification. All configurations are Wizard, Admin, Setting, Date/Time, and Software Update. Under Setting, the Administrator may manage, monitor, and configure firewall settings. Once enabled, an IP address of...
...of user access to default factory settings. or restore the firewall back to the firewall. The System Administrator can be synchronized either with an Internet Time Server or with the latest fixes for intruder invasions. Up to change passwords. Administrators may update the DFL-80 firmware to download the latest firmware. Administrators may enable e-mail alert notification. All configurations are Wizard, Admin, Setting, Date/Time, and Software Update. Under Setting, the Administrator may manage, monitor, and configure firewall settings. Once enabled, an IP address of...
User Manual
Page 18
... IP network will use a private IP scheme. IP Address: The private IP address of the Firewall's internal network is 192.168.1.1. 18 The Internal network will not be routable on Configuration in this section, the Administrator can set up the Internal (LAN) network. The netmask and gateway IP addresses are also configured in the left menu bar. The default IP address is the IP address of the Internal (LAN) ports of the Internal (LAN) network, the External (WAN) network, and the DMZ network. Interface...
... IP network will use a private IP scheme. IP Address: The private IP address of the Firewall's internal network is 192.168.1.1. 18 The Internal network will not be routable on Configuration in this section, the Administrator can set up the Internal (LAN) network. The netmask and gateway IP addresses are also configured in the left menu bar. The default IP address is the IP address of the Internal (LAN) ports of the Internal (LAN) network, the External (WAN) network, and the DMZ network. Interface...
User Manual
Page 19
....255.255.0. For PPPoE (ADSL User): This option is the netmask of the Firewall. Enter '0' if you by the ISP. NetMask: This is for PPPoE users who are private IP addresses only. Fixed: Select this to allow the internal network to Firewall. The default netmask of the PPPoE connection. Current Status: Displays the current line status of the DFL-80 is automatically assigned by your...
....255.255.0. For PPPoE (ADSL User): This option is the netmask of the Firewall. Enter '0' if you by the ISP. NetMask: This is for PPPoE users who are private IP addresses only. Fixed: Select this to allow the internal network to Firewall. The default netmask of the PPPoE connection. Current Status: Displays the current line status of the DFL-80 is automatically assigned by your...
User Manual
Page 20
This is the IP Address of the DNS server. 20 Some cable modem ISP assign a specific hostname in order to connect to their ISP, such as IP Address, Netmask, Gateway, and DNS. If not required by the Firewall from the external network. Ping: Select this to allow the external network to ping the IP Address of the Firewall. If set to enable, the DFL-80 will be the Gateway IP address. Your ISP will respond to echo request packets...
This is the IP Address of the DNS server. 20 Some cable modem ISP assign a specific hostname in order to connect to their ISP, such as IP Address, Netmask, Gateway, and DNS. If not required by the Firewall from the external network. Ping: Select this to allow the external network to ping the IP Address of the Firewall. If set to enable, the DFL-80 will be the Gateway IP address. Your ISP will respond to echo request packets...
User Manual
Page 22
....88.250 (External) 5.Accounting department subnetwork 192.168.5.11/24 (Internal) 168.85.88.249(External) The first department (the R&D department) was set while setting interface IP, the other departments are as follows Service IP Address:192.168.2.1 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.2.11 The other four have to the Internet. Multiple NAT Multiple NAT allows the local port to set by different subnetworks for convenient management.
....88.250 (External) 5.Accounting department subnetwork 192.168.5.11/24 (Internal) 168.85.88.249(External) The first department (the R&D department) was set while setting interface IP, the other departments are as follows Service IP Address:192.168.2.1 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.2.11 The other four have to the Internet. Multiple NAT Multiple NAT allows the local port to set by different subnetworks for convenient management.
User Manual
Page 28
Destination IP: IP address of destination network. ! Configure: Change settings in which current route settings are shown. Interface: Destination network, internal or external networks. ! Gateway: Gateway IP address for the networks. The Route Table window appears, in the route table. 28 Route Table functions: ! Entering the Route Table screen: Click Configuration on the left side menu bar, then click Route Table below it. Route Table In this section, the Administrator can add static routes for connecting to destination network. ! NetMask: Netmask of...
Destination IP: IP address of destination network. ! Configure: Change settings in which current route settings are shown. Interface: Destination network, internal or external networks. ! Gateway: Gateway IP address for the networks. The Route Table window appears, in the route table. 28 Route Table functions: ! Entering the Route Table screen: Click Configuration on the left side menu bar, then click Route Table below it. Route Table In this section, the Administrator can add static routes for connecting to destination network. ! NetMask: Netmask of...
User Manual
Page 38
... network, IP, netmask addresses, and MAC addresses will show on the network it belongs to, an IP address can assign an easily recognized name to enter the Internal window. Based on the screen. 38 Internal Entering the Internal window: Step 1. Click Internal under the Address menu to an IP address. Address The DFL-80 Firewall allows the Administrator to set Interface addresses of building control policies. The Administrator can be an internal IP address, external IP address or DMZ IP address...
... network, IP, netmask addresses, and MAC addresses will show on the network it belongs to, an IP address can assign an easily recognized name to enter the Internal window. Based on the screen. 38 Internal Entering the Internal window: Step 1. Click Internal under the Address menu to an IP address. Address The DFL-80 Firewall allows the Administrator to set Interface addresses of building control policies. The Administrator can be an internal IP address, external IP address or DMZ IP address...
User Manual
Page 54
... the server port ranges from 0 to access 5 different services on a server, such as HTTP, FTP, SMTP, POP3, and TELNET. Without the help of a TCP Port or UDP port number, such as the 50 control policies. 54 What is Service? For example, there are 10 different computers that want to 1023. The DFL-80 Firewall defines two services: pre-defined service and custom service. Service In this section, network services are defined and new network services...
... the server port ranges from 0 to access 5 different services on a server, such as HTTP, FTP, SMTP, POP3, and TELNET. Without the help of a TCP Port or UDP port number, such as the 50 control policies. 54 What is Service? For example, there are 10 different computers that want to 1023. The DFL-80 Firewall defines two services: pre-defined service and custom service. Service In this section, network services are defined and new network services...
User Manual
Page 81
Accessing the Autokey IKE window: Click IPSec Autokey under the VPN menu to identify the VPN tunnel definition. The fields in the Autokey IKE window are: ! Name: The VPN name to enter the Autokey IKE window. PSK/RSA: The IKE VPN must be defined with two firewall devices, IKE allows new keys to negotiate keys between two security gateways. Status: Connect/Disconnect or Connecting/Disconnecting. ! Gateway IP: The external interface IP address of traffic has been...
Accessing the Autokey IKE window: Click IPSec Autokey under the VPN menu to identify the VPN tunnel definition. The fields in the Autokey IKE window are: ! Name: The VPN name to enter the Autokey IKE window. PSK/RSA: The IKE VPN must be defined with two firewall devices, IKE allows new keys to negotiate keys between two security gateways. Status: Connect/Disconnect or Connecting/Disconnecting. ! Gateway IP: The external interface IP address of traffic has been...
User Manual
Page 86
... if idle ... Configure this device to disconnect to the PPTP Server when there is set the number to disabled. 2. Schedule- Select VPN > PPTP Server. Click Modify after the Client IP Range. Disable PPTP- Enable PPTP- Client IP Range Enter the IP range allocated for a predetermined period of time. Refer to disable PPTP Server. ! Modifying PPTP Server Design Step 1. To keep the line always connected, set to 0. ! Check to the corresponding section for details. Encyption: the default is no activity for PPTP Client to connect to enable PPTP Server. 1. Step 2. In the...
... if idle ... Configure this device to disconnect to the PPTP Server when there is set the number to disabled. 2. Schedule- Select VPN > PPTP Server. Click Modify after the Client IP Range. Disable PPTP- Enable PPTP- Client IP Range Enter the IP range allocated for a predetermined period of time. Refer to disable PPTP Server. ! Modifying PPTP Server Design Step 1. To keep the line always connected, set to 0. ! Check to the corresponding section for details. Encyption: the default is no activity for PPTP Client to connect to enable PPTP Server. 1. Step 2. In the...
User Manual
Page 107
... Remove confirmation pop-up control policies. Traffic log's parameters are setup when setting up box, click OK to remove the service or click Cancel to monitor and record services, connection times, and the source and destination network address. Traffic logs record the details of packets such as the time of change , the IP address used to log on, etc. 107 What is a Log? Log The DFL-80 VPN Firewall supports traffic logging and event logging to cancel removing. The Administrator mainly uses the Log...
... Remove confirmation pop-up control policies. Traffic log's parameters are setup when setting up box, click OK to remove the service or click Cancel to monitor and record services, connection times, and the source and destination network address. Traffic logs record the details of packets such as the time of change , the IP address used to log on, etc. 107 What is a Log? Log The DFL-80 VPN Firewall supports traffic logging and event logging to cancel removing. The Administrator mainly uses the Log...
User Manual
Page 124
... other Internet hosts, for 'Internet Control Message Protocol', it asks the DHCP server for Internet Protocol. For example, the UNIX command Ping is connected to the Internet. IP IP stands for a temporary IP address. Defining data packet structure, packet is a Network layer of data exchange. ! Moving data between Network layer and Transport layer. ! Glossary DHCP (Dynamic Host Configuration Protocol) When a computer with other computers on the network, to the client. Addressing...
... other Internet hosts, for 'Internet Control Message Protocol', it asks the DHCP server for Internet Protocol. For example, the UNIX command Ping is connected to the Internet. IP IP stands for a temporary IP address. Defining data packet structure, packet is a Network layer of data exchange. ! Moving data between Network layer and Transport layer. ! Glossary DHCP (Dynamic Host Configuration Protocol) When a computer with other computers on the network, to the client. Addressing...
User Manual
Page 132
... already defined in service option when setting up different time intervals conveying different policies. Users can be created. Schedule Schedule is 0:1023. This system supports two kinds of Firewall's network interfaces, address table, service table, virtual servers' IP addresses and policies. System Configuration The system configuration file stores system administrator's name and password, IP addresses of services: standard services and user defined services. A specific schedule can setup their own services with proper TCP and UDP port numbers if necessary...
... already defined in service option when setting up different time intervals conveying different policies. Users can be created. Schedule Schedule is 0:1023. This system supports two kinds of Firewall's network interfaces, address table, service table, virtual servers' IP addresses and policies. System Configuration The system configuration file stores system administrator's name and password, IP addresses of services: standard services and user defined services. A specific schedule can setup their own services with proper TCP and UDP port numbers if necessary...
User Manual
Page 134
... DFL-80 provides three Interface Ports to upgrade the DFL-80's software? Trouble-Shooting Q : How to divide the networks into internal networks, external networks, and DMZ. Q : How to flow through, servers inside DMZ can 't transfer. A : To change system parameters settings without destroying the original system configuration, the user can upload the backup system configuration from Client. The internal networks use private IP addresses, which kind of a private one. By setting the permission in Import System setting from the hard disk to...
... DFL-80 provides three Interface Ports to upgrade the DFL-80's software? Trouble-Shooting Q : How to divide the networks into internal networks, external networks, and DMZ. Q : How to flow through, servers inside DMZ can 't transfer. A : To change system parameters settings without destroying the original system configuration, the user can upload the backup system configuration from Client. The internal networks use private IP addresses, which kind of a private one. By setting the permission in Import System setting from the hard disk to...
User Manual
Page 135
... installation. 2. The name "admin" can 't communicate to each other by ISP. 3. So computers in the internal network to access some web addresses. Then 135 A: There are six steps to follow: Step 1: First connect the administrator's PC and the Firewall's internal interface card to the same HUB or Switch, change the password for the first time? A: The DFL-80 has three main default settings; The system administrator's name and password are the default settings...
... installation. 2. The name "admin" can 't communicate to each other by ISP. 3. So computers in the internal network to access some web addresses. Then 135 A: There are six steps to follow: Step 1: First connect the administrator's PC and the Firewall's internal interface card to the same HUB or Switch, change the password for the first time? A: The DFL-80 has three main default settings; The system administrator's name and password are the default settings...
User Manual
Page 136
... IP address of the firewall. Change it and record the new password. When converting a URL to IP address, the browser sends out DNS service packet to activate new IP address. A : In order to open a virtual server to external networks, Administrator needs to pass through. 136 After the new IP address is still 'admin'. Q : In the Outgoing menu, I set successfully? Step 3: Then WebUI will ask or the user's name and password enter 'admin' and password. Q : Why can't users...
... IP address of the firewall. Change it and record the new password. When converting a URL to IP address, the browser sends out DNS service packet to activate new IP address. A : In order to open a virtual server to external networks, Administrator needs to pass through. 136 After the new IP address is still 'admin'. Q : In the Outgoing menu, I set successfully? Step 3: Then WebUI will ask or the user's name and password enter 'admin' and password. Q : Why can't users...