D-Link DWC-1000 User Manual - Page 197

Firewall Rules - default ip

Get D-Link DWC-1000 PDF manuals and user guides View all D-Link DWC-1000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 197 highlights

Wireless Controller 7.1 Firewall Rules User Manual Ad va nced > Firewall Settings > Firewall Rules In b o u n d (Op t io n t o LA N/ DM Z) ru les rest rict access t o t raffic en t erin g y o u r n et wo rk, s electively allowing only s pecific outside users to access s pecific local res ources . By d efau lt all acces s fro m t h e in s ecure Op t io n s ide are b lo cked fro m acces sin g t h e s ecu re LA N, excep t in res p o n s e t o req u es t s fro m t h e Op t io n o r DM Z. To allo w o u t s id e d ev ices t o access s erv ices o n t h e s ecu re LA N, y o u mu s t creat e an in b o u n d fire wall rule for each s ervice. If y o u wan t t o allo w in co min g t raffic, y o u mu s t make t h e co n t ro llers Op t io n p o rt IP ad d res s kn o wn t o t h e p u blic. Th is is called "exp o sin g y o ur h o st." Ho w y o u make y o u r addres s known depends on how the Option ports are configured ; for this controller y o u may u s e t h e IP ad d ress if a s t at ic ad dress is assig ned t o t h e Op t io n p o rt , o r if y our Op t io n ad d res s is d y n amic a DDNS (Dy n amic DNS) n ame can b e u s ed . Ou t b o u nd (LA N/ DM Z t o Op t io n) ru les res trict access t o t raffic leav ing y ou r n et w o rk, s elect iv ely allo win g o n ly s pecific lo cal u s ers t o access s p ecific o u tsid e res ou rces. The d efau lt o u t b o u n d ru le is t o allo w acces s fro m t h e s ecu re zo n e (LA N) t o eit h er t h e public DMZ or ins ecure Option. On other hand the default outbound rule is to den y acces s fro m DM Z t o in s ecu re Op t io n. Yo u can ch an g e t h is d efau lt b eh av io u r in t h e Firewall Settings > Default Outbound Policy p ag e. W h en th e d efau lt o u tb o u n d p o licy is allo w alway s , y o u can t o b lo ck h o s t s o n t h e LA N fro m acces s in g in t ern et s ervices by creating an outbound firewall rule for each s ervice. 195

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
Wireless Controller
User Manual
195
7.1
Firewall Rules
Advanced > Firewall Settings > Firewall Rules
Inbound (Option to LAN/DMZ) rules restrict access to traffic entering your network,
selectively allowing only specific outside users to access specific local resources. By
default all access from the insecure Option side are blocked from accessing the secure
LAN, except in response to requests from the Option or DMZ. To allow outside
devices to access services on the secure LAN, you must create an inbound firewall
rule for each service.
If you want to allow incoming traffic, you must make the controllers Option port IP
address known to the public. This is called “exposing your host.” How you make your
address known depends on how the Option ports are configured; for this controller
you may use the IP address if a static address is assigned to the Option port, or if your
Option address is dynamic a DDNS (Dynamic DNS) name can be used.
Outbound (LAN/DMZ to Option) rules restrict access to traffic leaving your network,
selectively allowing only specific local users to access specific outside resources. The
default outbound rule is to allow access from the secure zone (LAN) to either the
public DMZ or insecure Option. On other hand the default outbound rule is to deny
access from DMZ to insecure Option. You can change this default behaviour in the
Firewall Settings > Default Outbound Policy
page. When the default outbound
policy is allow always, you can to block hosts on the LAN from accessing internet
services by creating an outbound firewall rule for each service.