D-Link DFL-700 Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

D-Link

DFL-700

Page 41 / 131 Scroll up to view Page 36 - 40

Add User

Follow these steps to add a new user.

Step 1.

Click on

add

after the type of

user you would like to add, Admin or

Read-only.

Step 2.

Fill in

User name;

make sure

you are not trying to add one that

already exists.

Step 3.

Specified what groups the user

should be a member of.

Step 3.

Specify the password for the new user.

Click the

Apply

button below to apply the setting or click

Cancel

to discard changes.

Note:

The user name and password should be at least six characters long. The user

name and password can contain numbers (0-9) and upper and lower case letters (A-Z, a-

z). Special characters and spaces are not allowed.

Change User Password

To change the password of a user click on the user name and you will see the following

screen.

Follow these steps to change a users

password.

Step 1.

Click on the user you would like

to change level of.

Step 2.

Enable the

Change password

checkbox.

Step 3.

Enter the new password twice.

Click the

Apply

button below to apply

the setting or click Cancel to discard

changes.

Note

The password should be at least six characters long. The password can contain

numbers (0-9) and upper and lower case letters (A-Z, a-z). Special characters and spaces

are not allowed.

Page 42 / 131

Delete User

To delete a user click on the user name and you will see the following screen.

Follow these steps to delete a user.

Step 1.

Click on the user you would like

to change level of.

Step 2.

Enable the

Delete user

checkbox.

Click the

Apply

button below to apply

the setting or click Cancel to discard

changes.

Note:

Deleting a user is

irreversible;

once the user is deleted, it cannot be

undeleted.

Page 43 / 131

Schedules

It is possible to

configure a schedule for

policies to take affect.

By creating a schedule,

the DFL-700 is allowing

the firewall policies to

be used at those

designated times only.

Any activities outside of

the scheduled time slot

will not follow the

policies and will

therefore likely not be

permitted to pass

through the firewall. The

DFL-700 can be

configured to have a

start time and stop time,

as well as creating 2

different time periods in

a day. For example, an

organization may only

want the firewall to allow

the internal network

users to access the

Internet during work

hours. Therefore, one may create a schedule to allow the firewall to allow traffic Monday-

Friday, 8AM-5PM only. During the non-work hours, the firewall will not allow Internet access.

Add new recurring schedule

Follow these steps to add new recurring schedule.

Step 1.

Go to Firewall and Schedules and choose Add new.

Step 2.

Choose the starting and ending date and hour when the schedule should be active.

Step 3.

Use the checkboxes to set the times this schedule should be active. If all boxes

are checked the schedule will be active all the time from the starting to the ending date. If

all boxes are unchecked the schedule never will trigger.

Click the

Apply

button below to apply the change or click

Cancel

to discard changes.

Page 44 / 131

Services

A service is basically a definition of a specific IP protocol with corresponding parameters.

The service http, for instance, is defined as to use the TCP protocol with destination port 80.

Services are simplistic, in that they cannot carry out any action in the firewall on their own.

Thus, a service definition does not include any information whether the service should be

allowed through the firewall or not. That decision is made entirely by the firewall policies, in

which the service is used as a filter parameter.

Adding TCP, UDP or TCP/UDP Service

For many services, a single destination port is sufficient. The http service, for instance, is

using destination port 80. To use a single destination port, enter the port number in the

destination ports text box. In most cases, all ports (0-65535) have to be used as source ports.

The second option is to define a port range, a port range is inclusive, meaning that a range

137-139 covers ports 137, 138 and 139.

Multiple ranges or individual ports may also be entered, separated by commas. For

instance, a service can be defined as having source ports 1024-65535 and destination ports

80-82, 90-92, 95. In this case, a TCP or UDP packet with the destination port being one of 80,

81, 82, 90, 91, 92 or 95, and the source port being in the range 1024-65535, will match this

service.

Follow these steps to add a TCP, UDP or TCP/UDP service.

Step 1.

Go to Firewall and Service and choose add new.

Step 2.

Enter a Name for the service in the name field. This name will appear in the

service list when you add a new policy. The name can contain numbers (0-9) and upper

and lower case letters (A-Z, a-z), and the special characters - and _. No other special

characters and spaces are allowed.

Step 3.

Select TCP/UDP Service.

Step 4.

Select the protocol (either TCP, UDP or both TCP/UDP) used by the service.

Step 5.

Specify a source port or range for this service by typing in the low and high port

numbers. Enter 0-65535 for all ports, or a single port like 80 for only one source port.

Step 6.

Specify a destination port or range for this service by typing in the low and high

port numbers. Enter 0-65535 for all ports, or a single port like 80 for only one destination

port.

Step 7.

Enable the Syn Relay checkbox if you want to protect the destination from SYN

flood attacks.

Click the

Apply

button below to apply the change or click

Cancel

to discard changes.

Page 45 / 131

Adding IP Protocol

When the type of the service is IP Protocol, an IP protocol number may be specified in the

text field. To have the service match the GRE protocol, for example, the IP protocol should be

specified as 47. A list of some defined IP protocols can be found in the appendix named “IP

Protocol Numbers”.

IP protocol ranges can be used to specify multiple IP protocols for one service. An IP

protocol range is similar to the TCP and UDP port range described previously; the range 1-4,

7 will match the protocols ICMP, IGMP, GGP, IP-in-IP and CBT.

Follow these steps to add a TCP, UDP or TCP/UDP service.

Step 1.

Go to Firewall and Service and choose new.

Step 2.

Enter a Name for the service in the name field. This name will appear in the

service list when you add a new policy. The name can contain numbers (0-9) and upper

and lower case letters (A-Z, a-z), and the special characters - and _. No other special

characters and spaces are allowed.

Step 3.

Select IP Protocol.

Step 4.

Specify a comma-separated list of IP protocols.

Click the

Apply

button below to apply the change or click

Cancel

to discard changes.

Grouping Services

Services can be grouped in order to simplify configuration. Consider a web server using

standard http as well as SSL encrypted http (https). Instead of having to create two separate

rules allowing both types of services through the firewall, a service group named, for instance,

Web, can be created, with the http and the https services as group members.

Follow these steps to add a group.

Step 1.

Go to Firewall and Service and choose new.

Step 2.

Enter a Name for the service in the name field. This name will appear in the

service list when you add a new policy. The name can contain numbers (0-9) and upper

and lower case letters (A-Z, a-z), and the special characters - and _. No other special

characters and spaces are allowed.

Step 3.

Select Group.

Step 4.

Specify a comma-separated list of existing services.

Click the

Apply

button below to apply the change or click

Cancel

to discard changes.

Rate

Popular D-Link Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share