D-Link DWC-1000 User Manual - Page 201

internet by its aliased public IP address.

Get D-Link DWC-1000 PDF manuals and user guides View all D-Link DWC-1000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 201 highlights

Wireless Controller User Manual 6. Inbound rules can use Destination NAT (DNAT) for managing traffic from the Option. Destination NAT is available when the To Zone = DMZ or secure LAN.  W ith an inbound allow rule you can enter the internal s erver addres s that is hos ting the s elected s ervice.  Yo u can en ab le p o rt fo rward in g fo r an in co min g s erv ice s p ecific ru le (Fro m Zo n e = Op t io n ) b y s electin g t h e app rop riat e ch eckb o x. Th is will allow the s elected s ervice traffic from the internet to reach the ap p ro p riat e LA N p o rt v ia a p o rt fo rward in g ru le.  Tran s lat e Po rt Nu mb er: W it h p o rt fo rward in g , t h e in co min g t raffic t o b e fo rward ed t o t h e p o rt n u mb er en t ered h ere.  Ext ern al IP ad d res s : Th e ru le can b e b o u n d t o a s p ecific Op t io n in t erface b y s elect in g eit h er t h e p rimary Op t io n o r co n fig u rab le p o rt Op t io n as t h e s o u rce IP ad d res s fo r in co min g t raffic.  Th is co n t roller s u pp orts mu lt i-NA T an d s o t h e Ext ern al IP ad d res s d oes n ot neces s arily have to be the Option addres s . On a s ingle Option interface, mu lt ip le p u b lic IP ad d res s es are s u p p o rt ed . If y o u r ISP as s ig n s y o u mo re t h an o n e p u b lic IP ad d res s , o n e o f t h es e can b e u s ed as y o u r p rimary IP addres s on the Option port, and the others can be as signed to s ervers on the LA N o r DM Z. In t h is way t h e LA N/ DM Z s erv er can b e acces s ed fro m t h e internet by its alias ed public IP addres s . 7. Outbound rules can use Source NAT (SNAT) in order to map (bind) all LAN/DMZ traffic matching the rule parameters to a specific Option interface or external IP address (usually provided by your ISP). On ce t h e n ew o r mo d ified ru le p aramet ers are s av ed , it ap p ears in t h e mas t er lis t o f firewall ru les . To en ab le o r d is ab le a ru le, click t h e ch eckb o x n ext t o t h e ru le in t h e lis t o f firewall ru les an d ch o o s e En ab le o r Dis ab le.  The controller applies firewall rules in the order lis ted. As a general rule, y o u s h o uld mo v e t h e s trict est ru les (t h ose wit h t h e mo s t s pecific s erv ices or ad d res ses) t o t h e t o p o f t h e lis t . To reo rd er ru les , click t h e ch eckb ox n ext t o a rule and click up or down. 199

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
Wireless Controller
User Manual
199
6.
Inbound rules can use Destination NAT (DNAT) for managing traffic from the Option.
Destination NAT is available when the To Zone = DMZ or secure LAN.
With an inbound allow rule you can enter the internal server address
that is hosting the selected service.
You can enable port forwarding for an incoming service specific rule
(From Zone = Option) by selecting the appropriate checkbox. This will
allow the selected service traffic from the internet to reach the
appropriate LAN port via a port forwarding rule.
Translate Port Number: With port forwarding, the incoming traffic to
be forwarded to the port number entered here.
External IP address: The rule can be bound to a specific Option
interface by selecting either the primary Option or configurable port
Option as the source IP address for incoming traffic.
This controller supports multi-NAT and so the External IP address does not
necessarily have to be the Option address. On a single Option interface,
multiple public IP addresses are supported. If your ISP assigns you more
than one public IP address, one of these can be used as your primary IP
address on the Option port, and the others can be assigned to servers on the
LAN or DMZ. In this way the LAN/DMZ server can be accessed from the
internet by its aliased public IP address.
7.
Outbound rules can use Source NAT (SNAT) in order to map (bind) all LAN/DMZ traffic
matching the rule parameters to a specific Option interface or external IP address (usually
provided by your ISP).
Once the new or modified rule parameters are saved, it appears in the master list of
firewall rules. To enable or disable a rule, click the checkbox next to the rule in the
list of firewall rules and choose Enable or Disable.
The controller applies firewall rules in the order listed. As a general rule,
you should move the strictest rules (those with the most specific services or
addresses) to the top of the list. To reorder rules, click the checkbox next to
a rule and click up or down.