Page 21 / 131
Routing
Click on System in the menu bar, and then click Routing below it. This will give a list of all configured routes; it will look something like this:
The Routes configuration section describes the firewall’s routing table. DFL-700 uses a
slightly different way of describing routes compared to most other systems. However, we
believe that this way of describing routes is easier to understand, making it less likely for
users to cause errors or breaches in security.
Interface – Specifies which interface packets destined for this route shall be sent through.
Network – Specifies the network address for this route.
Gateway – Specifies the IP address of the next router hop used to reach the destination network. If the network is directly connected to the firewall interface, no gateway address is specified.
Local IP Address – The IP address specified here will be automatically published on the corresponding interface. This address will also be used as the sender address in ARP queries. If no address is specified, the firewall's own interface IP address will be used.
Proxy ARP – Specifies that the firewall shall publish this route via Proxy ARP.
One advantage with this form of notation is that you can specify a gateway for a particular
route, without having a route that covers the gateway’s IP address or despite the fact that the
route that covers the gateway’s IP address is normally routed via another interface.
The difference between this form of notation and the one most commonly used is that, in the common form, you do not specify the interface name in a separate column. Instead, you specify the IP address of each interface as a gateway.
Note: The firewall does not Proxy ARP routes on VPN interfaces.
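The notation described above, modelled as an added example (not D-Link code): each route names its interface explicitly, so a gateway stays usable even when its own address is uncovered or is covered by a route on another interface. The interface names, addresses and the longest-prefix lookup are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional

class Route(NamedTuple):
    interface: str                             # Interface column
    network: ipaddress.IPv4Network             # Network column
    gateway: Optional[ipaddress.IPv4Address]   # Gateway column; None = directly connected

def load(rows):
    """Build routes from (interface, network, gateway-or-None) rows."""
    return [Route(i, ipaddress.ip_network(n), ipaddress.ip_address(g) if g else None)
            for i, n, g in rows]

def best_route(routes, addr):
    """Most specific route covering addr (longest-prefix match is an assumption)."""
    addr = ipaddress.ip_address(addr)
    hits = [r for r in routes if addr in r.network]
    return max(hits, key=lambda r: r.network.prefixlen) if hits else None

def forward(routes, dst):
    """Return (interface, next hop) for dst, or None when no route covers it."""
    route = best_route(routes, dst)
    if route is None:
        return None
    hop = route.gateway if route.gateway is not None else ipaddress.ip_address(dst)
    return route.interface, str(hop)

def gateway_audit(routes):
    """For each gatewayed route, list (network, interface, gateway, covering),
    where covering is the interface whose route covers the gateway's own address."""
    report = []
    for r in routes:
        if r.gateway is not None:
            cover = best_route(routes, r.gateway)
            report.append((str(r.network), r.interface, str(r.gateway),
                           cover.interface if cover else None))
    return report

# Constructed sample table; interface names and addresses are illustrative.
SAMPLE = load([
    ("LAN", "192.168.1.0/24", None),
    ("WAN", "0.0.0.0/0", "203.0.113.1"),
    ("LAN", "10.20.0.0/16", "172.16.0.254"),
])

if __name__ == "__main__":
    print(forward(SAMPLE, "10.20.5.9"))
    for row in gateway_audit(SAMPLE):
        print(row)
```

In the audit output, a row whose last field differs from its interface (or is None) is a route that works only because the interface is named explicitly, which makes such rows worth a second look when reviewing a table.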
Add a new Static Route
Follow these steps to add a new route.
Step 1. Go to System and Routing.
Step 2. Click on Add new at the bottom of the routing table.
Step 3. Choose the interface that the route should be sent through from the dropdown menu.
Step 4. Specify the Network and Subnet mask.
Step 5. If this network is behind a remote gateway, enable the checkbox Network is behind remote gateway and specify the IP of that gateway.
Click the Apply button below to apply the setting or click Cancel to discard changes.
Remove a Static Route
Follow these steps to remove a route.
Step 1. Go to System and Routing.
Step 2. Click Edit after the route you would like to remove.
Step 3. Check the checkbox named Delete this route.
Click the Apply button below to apply the setting or click Cancel to discard changes.
Logging
Click on System in the menu bar, and then click Logging below it.
Logging, the ability to audit decisions made by the firewall, is a vital part of all network security products. The D-Link DFL-700 provides several options for logging its activity. The D-Link DFL-700 logs its activities by sending the log data to one or two log receivers in the network.
All logging is done to Syslog recipients. The log format used for syslog logging is suitable
for automated processing and searching.
The D-Link DFL-700 specifies a number of events that can be logged. Some of those events, for instance startup and shutdown events, are mandatory and will always generate log entries. Others, for instance logging when allowed connections are opened and closed, are configurable. It is also possible to have E-mail alerting for IDS/IDP events sent to up to three email addresses.
Enable Logging
Follow these steps to enable logging.
Step 1. Enable syslog by checking the Syslog box.
Step 2. Fill in your first syslog server as Syslog server 1. If you have two syslog servers, you have to fill in the second one as Syslog server 2. You must fill in at least one syslog server for logging to work.
Step 3. Specify what facility to use by selecting the appropriate syslog facility. Local0 is the default facility.
Click the Apply button below to apply the setting or click Cancel to discard changes.
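A receiver-side check for the settings above, as an added example (not D-Link code): it decodes the syslog priority value into facility and severity and accepts only records that come from the firewall's address with the configured facility. The firewall address 192.0.2.1 and the message texts are constructed and do not reproduce the DFL-700 log format.

```python
import re

FACILITIES = ("kern user mail daemon auth syslog lpr news uucp cron authpriv ftp "
              "ntp audit alert clock local0 local1 local2 local3 local4 local5 "
              "local6 local7").split()
SEVERITIES = "emerg alert crit err warning notice info debug".split()
PRI = re.compile(rb"<(\d{1,3})>")   # leading <PRI> field, PRI = facility * 8 + severity

def decode(datagram):
    """Split a syslog datagram into (facility, severity, text); None if malformed."""
    m = PRI.match(datagram)
    if not m or int(m.group(1)) > 191:
        return None
    pri = int(m.group(1))
    text = datagram[m.end():].decode("utf-8", "replace")
    return FACILITIES[pri >> 3], SEVERITIES[pri & 7], text

def triage(packets, firewall_ip, facility="local0"):
    """Sort (source_ip, datagram) pairs into accepted records and rejects with a reason."""
    accepted, rejected = [], []
    for src, data in packets:
        rec = decode(data)
        if src != firewall_ip:
            rejected.append((src, "unexpected sender"))
        elif rec is None:
            rejected.append((src, "malformed PRI"))
        elif rec[0] != facility:
            rejected.append((src, "facility " + rec[0]))
        else:
            accepted.append(rec)
    return accepted, rejected

# Constructed datagrams for illustration only.
PACKETS = [
    ("192.0.2.1", b"<134>sample: connection opened"),     # local0.info
    ("192.0.2.1", b"<132>sample: rule matched"),          # local0.warning
    ("192.0.2.1", b"<30>sample: other daemon"),           # daemon.info
    ("198.51.100.7", b"<134>sample: connection opened"),  # not the firewall
    ("192.0.2.1", b"sample without priority"),            # no <PRI>
]

if __name__ == "__main__":
    ok, bad = triage(PACKETS, "192.0.2.1")
    print(ok)
    print(bad)
```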
Enable Audit Logging
To start auditing all traffic through the firewall, follow the steps below and the firewall will start logging all traffic through the firewall. This is needed for running third-party log analyzers on the logs and to see how much traffic different connections use.
Follow these steps to enable auditing.
Step 1. Enable syslog by checking the Enable audit logging box.
Click the Apply button below to apply the setting or click Cancel to discard changes.
Enable E-mail alerting for IDS/IDP events
Follow these steps to enable E-mail alerting.
Step 1. Enable E-mail alerting by checking the Enable E-mail alerting for IDS/IDP events checkbox.
Step 2. Choose the sensitivity level.
Step 3. In the SMTP Server field, fill in the SMTP server to which the DFL-700 should send email.
Step 4. Specify up to three valid email addresses to receive the email alerts.
Click the Apply button below to apply the setting or click Cancel to discard changes.
When an attack has occurred, more information about the attack can be found. Copy the attack string and paste it into the By message box at the following address: (you can of course also write the attack string manually in the box).
Intrusion attacks will always be logged in the usual logs if IDS is enabled for any of the rules.
For more information about how to enable intrusion detection and prevention on a policy or port mapping, read more under Policies and Port Mappings in the Firewall section below.
