Page 96 / 133
5. Add a new user, Firewall->Users:
   Under Users in local database, click Add new.
   Name the new user: BranchOffice
   Enter password: 1234567890
   Retype password: 1234567890
   Leave static client IP empty (it could also be set to, e.g., 192.168.1.200; if no IP is set here, the IP pool from the L2TP server settings is used).
   Set Networks behind user to: 192.168.4.0/24
   Click Apply.

6. Click Activate and wait for the firewall to restart.

This example will allow all traffic between the two offices. To get a more secure solution, read the "A more secure LAN-to-LAN VPN solution" section in this chapter.
A more secure LAN-to-LAN VPN solution

To get a more secure solution, policies should be created instead of allowing all traffic between the two offices. The following steps show how to enable some common services. In this example we have a mail server, an FTP server and a web server (intranet) in the main office that we want to access from the branch office.

Settings for Branch office

1. Set up policies for the new tunnel, Firewall->Policy:
   Click Global policy parameters.
   Disable "Allow all VPN traffic: internal->VPN, VPN->internal and VPN->VPN".
   Click Apply.

2. It is now possible to create policies for the VPN interfaces. Select from LAN to toMainOffice and click Show.

3. Click Add new to create the first rule.
4. Set up the new rule:
   Name the new rule: allow_pop3
   Select action: Allow
   Select service: pop3
   Select schedule: Always
   We don't want any intrusion detection for now, so leave this option unchecked.
   Click Apply.
5. The first policy rule is now created. Repeat step 4 to create rules named allow_imap, allow_ftp and allow_http. The services for these policies should be imap, ftp_passthrough and http, respectively.
   The policy list for LAN->toMainOffice should now look like this.

6. Click Activate and wait for the firewall to restart.
Settings for Main office

1. Set up policies for the new tunnel, Firewall->Policy:
   Click Global policy parameters.
   Disable "Allow all VPN traffic: internal->VPN, VPN->internal and VPN->VPN".
   Click Apply.

2. It is now possible to create policies for the VPN interfaces. Select from toBranchOffice to LAN and click Show.

3. Create the same four policy rules as were created on the branch office firewall (allow_pop3, allow_imap, allow_ftp and allow_http).

4. Click Activate and wait for the firewall to restart.
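The two policy lists above behave as first-match rule sets with an implicit deny at the end, which only takes effect once the global "Allow all VPN traffic" option is disabled. The following Python model is added here as an illustration and is not the manual's or the firewall's own code; it evaluates constructed sample flows against the LAN->toMainOffice list from step 5 with the global option on and off. The service names are the manual's, but the TCP port numbers are an assumption (ftp_passthrough is modelled by its control port 21 only), and tcp/445 is a constructed example of a service the chapter never allows.

```python
from dataclasses import dataclass

# Service names come from the manual; the TCP ports are an assumption
# (ftp_passthrough, an ALG service, is modelled by its control port only).
SERVICES = {"pop3": 110, "imap": 143, "ftp_passthrough": 21, "http": 80}
VPN_INTERFACES = {"toMainOffice", "toBranchOffice"}


@dataclass(frozen=True)
class Rule:
    name: str
    src: str        # interface the flow enters on, e.g. "LAN"
    dst: str        # interface the flow leaves on, e.g. "toMainOffice"
    action: str     # "Allow" or "Deny"
    service: str    # key into SERVICES
    schedule: str = "Always"


def chapter_policy_list(src, dst):
    """The four rules the chapter creates for one interface pair."""
    pairs = [("pop3", "pop3"), ("imap", "imap"),
             ("ftp", "ftp_passthrough"), ("http", "http")]
    return [Rule(f"allow_{n}", src, dst, "Allow", svc) for n, svc in pairs]


def evaluate(rules, allow_all_vpn, src, dst, dport):
    """Return the verdict for one flow.

    allow_all_vpn mirrors the 'Allow all VPN traffic' global parameter:
    while it is enabled, anything to or from a VPN interface passes before
    the per-interface policy list is consulted. Otherwise the list is
    searched top-down and the first matching rule decides; no match means
    the implicit deny at the end of the list applies.
    """
    if allow_all_vpn and (src in VPN_INTERFACES or dst in VPN_INTERFACES):
        return "Allow (global: allow all VPN traffic)"
    for r in rules:
        if (r.src, r.dst) == (src, dst) and SERVICES[r.service] == dport \
                and r.schedule == "Always":
            return f"{r.action} ({r.name})"
    return "Deny (implicit)"


if __name__ == "__main__":
    # Constructed sample flows from a branch-office client into the tunnel.
    rules = chapter_policy_list("LAN", "toMainOffice")
    for dport in (110, 80, 445):
        for allow_all in (True, False):
            verdict = evaluate(rules, allow_all, "LAN", "toMainOffice", dport)
            print(f"LAN->toMainOffice tcp/{dport} allow_all={allow_all}: {verdict}")
```

Note that the model only lists rules for the LAN->toMainOffice pair, so a flow entering on toMainOffice is denied by it; on the real firewalls the main office side gets its own toBranchOffice->LAN list, as described in the Main office steps.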