D-Link DFL-700 Product Manual - Page 121
Appendix C: Multiple Public IP addresses, Host Interface, Private IP, Public IP - port forwarding
![]() |
UPC - 790069264535
View all D-Link DFL-700 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 121 highlights
Appendix C: Multiple Public IP addresses Mapping of a Public IP address other than that of the Firewall to a Server located on either internal interface can be accomplished in two basic steps (order does not matter): add a Port Mapping/Virtual Server rule that forwards specified services to a single LAN or DMZ host to be accessible through a WAN IP not used by the DFL-700; add a static route in the firewall's routing table indicating the internal interface to which the Public IP should be mapped. For an increased level of protection from Network Intrusions or malicious attacks, isolation of servers accessible to the public from the Private network is recommended. This will ensure that if one of those servers happens to become compromised through vulnerabilities related to software, an attacker would not be able to directly access the private internal Network. The DFL-700 provides a physical DMZ network interface specifically for this purpose. This can be accomplished with NAT disabled or enabled on the DMZ interface. Example Scenario using NAT: The firewall is configured using the following scheme in order to allow Internet hosts access to web services running on either the internal LAN or DMZ Network The goal is to map two internal web servers (port 80) to two Public IP addresses provided by our ISP. Host Interface Firewall LAN Firewall DMZ Web Server on LAN Web Server on DMZ Private IP 192.168.2.1 192.168.10.1 192.168.2.50 192.168.10.100 Public IP 80.80.80.80 80.80.80.80 80.80.80.81 80.80.80.82
![](/manual_guide/products/dlink-dfl700-product-manual-c74b9b2/121.png)