D-Link DFL-1000 Manuale Utente

DFL-1000 User Manual

NAT/Route mode and you do not require NAT for connections between the internal network and the DMZ
network. Configuring a routing policy is similar to configuring a NAT policy except that you do not select
NAT when you configure the policy.

You can use routing policies for connections between two networks if addresses are routable between
these two networks.

To add a routing Int -> DMZ policy:
• Add an address for the server to the DMZ address list.

See

Addresses

•  Go to Firewall > Policy > Int -> DMZ .
•  Select New to add a new policy.
•  Configure the policy.

Source

Internal_All.

Destination

The address added in step 1.

Schedule

Always.

Service

Select a service to match the server in the DMZ network.
For a web server, select HTTP.

Action

Select ACCEPT.

NAT

Do not select NAT.

Authentication

Select Authentication and select a user group if you want users on the internal network to
authenticate with the firewall before accessing the server.

Web filter

Select Web filter if service is set to HTTP, SMTP, POP3, or IMAP to apply content filtering to the
network traffic allowed by this policy.

• Select OK to save the policy.
• Arrange the policy in the policy list to produce the results that you expect.

Arranging policies in a policy list is described in

Configuring policy lists

Transparent mode policy for public access to a server

The following example policy, to accept connections at the external interface and forward them to the
internal interface, is similar to any Transparent mode policy.

To add a Transparent mode policy between the external interface and the internal interface:
• Add an address for the server to the internal interface address list.

See