D-Link DFL-210-WCF-12 Product Manual - Page 252
Objects > Services > Add > TCP/UDP Service, i. Using Public IPs
UPC - 790069601545
View all D-Link DFL-210-WCF-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 252 highlights
6.2.3. The FTP ALG Chapter 6. Security Mechanisms 2. Enter Name: ftp-outbound 3. Uncheck Allow client to use active mode 4. Check Allow server to use passive mode 5. Click OK B. Create the Service 1. Go to Objects > Services > Add > TCP/UDP Service 2. Now enter: • Name: ftp-outbound-service • Type: select TCP from the dropdown list • Destination: 21 (the port the ftp server resides on) • ALG: ftp-outbound 3. Click OK C. Create IP Rules IP rules need to be created to allow the FTP traffic to pass and these are different depending on if private or public IP addresses are being used. i. Using Public IPs If using public IPs, make sure there are no rules disallowing or allowing the same kind of ports/traffic before these rules. The service used here is the ftp-outbound-service which should be using the predefined ALG definition ftp-outbound which is described earlier. 1. Go to Rules > IP Rules > Add > IPRule 2. Now enter: • Name: Allow-ftp-outbound • Action: Allow • Service: ftp-outbound-service 3. For Address Filter enter: • Source Interface: lan • Destination Interface: wan • Source Network: lannet • Destination Network: all-nets 4. Click OK ii. Using Public IPs If the firewall is using private IPs with a single external public IP, the following NAT rule need to be added instead: 1. Go to Rules > IP Rules > Add > IPRule 2. Now enter: • Name: NAT-ftp-outbound • Action: NAT • Service: ftp-outbound-service 3. For Address Filter enter: • Source Interface: lan 252