D-Link DFL-80 User Manual - Page 131

Mapped IP, Policy

Get D-Link DFL-80 PDF manuals and user guides View all D-Link DFL-80 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 131 highlights

Mapped IP Both Mapped IP and Virtual Server use IP mapping mechanism to allow outside users access internal servers through the firewall. They are different in following ways: ! Virtual Server has Load balance feature, and Mapped IP does not. ! Virtual Server has a one-to-many mapping relationship to physical servers and Mapped IP is mapped to physical servers in one-to-one fashion. A virtual server can be mapped to only one service, such as SMTP, HTTP or FTP. A Mapped IP can be mapped to all services provided by a physical server. Policy The DFL-80 decides whether a data packet can pass according to values of the policies. A policy's parameters are source address, destination address, service, permission, packets' history, statistics and flow alarms. Policies can be divided into four categories based on the packets' source addresses. ! Outgoing : Clients are located in internal networks and servers are in external networks. ! Incoming : Clients are located in external networks and servers are in internal networks. ! To DMZ : Client can be located in either internal or external networks and servers are in DMZ. ! From DMZ : Clients are in DMZ and servers are in either internal or external networks Packet Direction Source Network Destination network Outgoing Incoming To DMZ From DMZ Internal External External Mapped IP Virtual Server External, internal DMZ DMZ External, internal 131

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
131
Mapped IP
Both Mapped IP and Virtual Server use IP mapping mechanism to allow outside
users access internal servers through the firewall.
They are different in following
ways:
!
Virtual Server has Load balance feature, and Mapped IP does not.
!
Virtual Server has a one-to-many mapping relationship to physical
servers and Mapped IP is mapped to physical servers in one-to-one fashion. A
virtual server can be mapped to only one service, such as SMTP, HTTP or FTP.
A Mapped IP can be mapped to all services provided by a physical server.
Policy
The DFL-80 decides whether a data packet can pass according to values of
the policies. A policy’s parameters are source address, destination address,
service, permission, packets’ history, statistics and flow alarms. Policies can
be divided into four categories based on the packets’ source addresses.
!
Outgoing :
Clients are located in internal networks and
servers are in
external networks.
!
Incoming :
Clients are located in external networks and
servers are in
internal
networks.
!
To DMZ :
Client can be located in either internal or external networks
and servers are in DMZ.
!
From DMZ :
Clients are in DMZ and servers are in either internal or
external
networks
Packet
Direction
Outgoing
Incoming
To DMZ
From DMZ
Source
Network
Internal
External
External,
internal
DMZ
Destination
network
External
Mapped
IP
Virtual
Server
DMZ
External,
internal