Dec 30

Step 1: Go to D-Link NetDefend Center https://security.dlink.com.tw

A10105_image1

Step 2: Go to My D-Link and click on Registration

A10105_image2

Step 3: Enter your personnel and company information

A10105_image3

Step 4: Enter your DFL product information (Model number, Date of purchase, MAC address, Serial Number and Distributor)

A10105_image4

Step 5: Confirm the information you entered and click next.

Step 6: After you complete the registration, you will receive an email from D-Link NetDefend Center with a login username and password for membership confirmation.

A10105_image5

Step 7: You can check your product licence status on My D-Link > Product Status

A10105_image6

Step 8: You can login the management page of your DFL firewall and enter the Activation code to activate your service under Maintenance > License

A10105_image7

Note: Before you begin registering your product, make sure your firewall is linked to the internet.
The DFL Firewall will connect with the License Server, and it will take few times.

A10105_image8

Step 9: Once your DFL firewall is activated. You can see the activation information on your firewall under Maintenance> License

Tags: ,

Dec 25

1. Introduction

The objective of this document is to provide a guide describing how to configure the
devices to achieve the same environment as show at the network topology.
Users of this document are expected to already possess basic knowledge of D-Link
devices and TheGreenBow VPN program, and are familiar with how to perform basic
configurations. Only important configurations, such as those pertaining to interfacing and

integrating, will be described in this document.

2. Product used

TheGreenBow_VPN_Client 4.61.003 and DFL-800 are used in the FAQ. The same applies to all other DFL products with Netdefend OS.

3. Network Diagram

A10089_image1

Note: Router is set to allow IPSec pass through.

4. Configurations

In this document, we will only describe the main configurations for this Scenario. The
configurations setting for all the D-Link products will not be described here and for more

detail about the product you can download their user guide.

4.1 TheGreenBow VPN client and DFL-800

A10089_image2

In this scenario the user can connect back to the headquarter database by using
TheGreenBow VPN client tunneling to DFL-800.
All configurations are based on DFL-800 and TheGreenBow
VPN Client (F/W: 4.61.003)
The steps in this configuration are:
Setup DFL-800 for VPN tunneling
Setup Pre-shared Key
Phase 1 and Phase 2 algorithms setup
Setting up IPSec-Tunnel
Setup IP Rules
Setup TheGreenBow VPN client
Setup Phase 1

Setup Phase 2

4.1.1) Setup DFL-800 for VPN tunneling
4.1.1.1) Setup Pre-Shared Key
1) Login to the DFL-800 and click Authenticate Objects and add

new Pre-shared Key and fill in the passphrase and name

A10089_image3

4.1.1.2) Phase 1 and Phase 2 algorithms setup
1) At the IKE Algorithms, select the Encryption and Integrity

algorithms for your phase 1 authenticate.

A10089_image4

2) Next is the IPSec Algorithms, select the Encryption and

Integrity algorithms for the phase 2.

A10089_image5

4.1.1.3) Setting up IPSec-Tunnel
1) After we finish setting up the algorithms, next we will need to

create the IPSec-Tunnel as show below.

 

2) Next, click on the Authentication tab and select the PreShared Key you have setup at the steps 1.

A10089_image7

3) After selecting the Pre-Shared Key, next is to enable the

Dynamically add route at the routing tab.

A10089_image8

4) Last step is to make sure the DH Group at the IKE setting is the

same setting for the TheGreenBow Client.

A10089_image9

4.1.1.4) Setup IP Rules
Now is to setup the IP Rules so there the DFL-800 knows where
to direct all the traffic to.
1) First add a new interface group name IPSec-LAN by grouping

up IPSec-Tunnel and LAN.

A10089_image10

2) Next, click IP Rules and add a new IP rule as show below.

A10089_image11

4.1.2) Setup TheGreenBow VPN Client
4.1.2.1)Setup Phase 1
1) Right click on the Root to add a new Phase, next fill in the IP
address for this VPN client and Remote gateway IP follow by

Preshared Key and IKE setting.

A10089_image12

Note: the Preshared Key and IKE must be the same setting set in the DFL-800

4.1.2.2) Setup Phase 2
1) Right click on the Phase1 to add a new Phase2, next fill in the
VPN Client address for this VPN client and Remote gateway IP

follow by ESP setting.

A10089_image13

Note: the ESP Encryption and Authentication setting must be the same in the

DFL-800 IPSec-Tunnel.

5.1) Test Result
a. The VPN tunnel will be open at any negotiation

Tags: , ,

Dec 17

Scenario:

VLAN 1 can communicate with VLAN 2 but VLAN2 cannot access VLAN 1. Both VLANS can access the internet.

DFL-210/800/1600:
Lan Interface: 192.168.1.1
VLAN1: 192.168.2.1
VLAN2: 192.168.3.1

DGS-3024:
Default VLAN— VID-1—Ports 1-8
Vlan1    VLAN— VID 2—Ports 9-24
Port 1 will be tagged and connected to the DFL-210/800/1600.

Setup of D-Link DGS-3024

Step 1:From command line interface of DGS-3024:
DGS-3024# create vlan Vlan1 tag 2
DGS-3024# config vlan default delete 9-24
DGS-3024# config vlan Vlan1 add untagged 9-24
DGS-3024# config vlan default add tagged 1
DGS-3024# config vlan Vlan1 add tagged 1
DGS-3024# save

A10534_image1

A10534_image2

Setup of DFL-210

Step 1: Click on Objects and Interface Address. Add New IP address for the following:

VLAN1: 192.168.2.1
VLAN2: 192.168.3.1
VLAN1_net: 192.168.2.0/24
VLAN2_net: 192.168.3.0/24

Step 2: Click on Interfaces and VLAN. Add New VLAN.
Name: VLAN1
Interface: lan
VLAN ID: 1

IP Address: VLAN1
Network: VLAN1_Net
Default Gateway: None

Click OK.

Step 3: Click on Interfaces and VLAN. Add New VLAN.
Name: VLAN2
Interface: lan
VLAN ID: 2
IP Address: VLAN2
Network: VLAN2_Net
Default Gateway: None

Click OK.

Step 4: Click on Objects and Interface Address. Add New IP4 group.
Name: All_Internal_Nets
Select: lannet, VLAN1_net, VLAN2_net

Click OK.

Step 5: Click on Interfaces and select Interface Groups. Add New Interface Group.
Name: All_Internal_Interfaces
Select: lan, Vlan1, Vlan2

Click OK.

Step 6: Click on Rules, IP Rules, Lan to WAN. Edit The following 4 Rules:
drop_smb-all
Allow_ping-outbound
Allow_ftp-passthrough
Allow_standard

Note: Each of the rules will need to be edited and have the new interface/nets applied.

Step 6: Click on Rules, IP Rules. Add New IP Folder (Optional).
Name: Vlan_Rules

Click OK.

Step 7: Add new IP Rule.
Name: Allow_VLAN1_to_VLAN2
Action: Allow
Service: All Services
Schedule: None
Source Interface: VLAN1
Source Network: VLAN1_Net
Destination Interface: VLAN2
Destination Network: VLAN2_Net

Step 7: Click Configuration Tab and click Save and Activate.

Tags: , ,

Dec 04

Step 1: Open a web browser and type the IP address of the firewall into the address bar (default is 192.168.1.1). Press Enter.

Step 2: The default username is admin (all lower case) and the password is admin (all lower case). Click on OK.

Step 3: Click on the plus sign next to Objects and then select Application Layer Gateways.

A10466_image1

Step 4: Select http-outbound, click on Add, and then select HTTP ALG URL.

A10466_image2

Step 5: Create the Content Filtering list as followed:

  • Action: Blacklist
  • URL: Key in desired filter URL in the format of Asterisk,dot,yahoo.com, forward slash, asterisk (*.yahoo.com/* in this example)

Click on OK.

A10466_image3

Step 6: Click on the plus sign next to Rules, select IP Rules, click on Add, and then select IP Rule Folder.

  • Name: name the folder as desired

Click on OK.

A10466_image4

Step 7: Click on Add and select IP Rule and configure as followed:

  • Name: name as desired
  • Action: NAT
  • Service: http-outbound
  • Schedule: None
  • Source Interface: lan
  • Source Network: lannet
  • Destination Interface: wan
  • Destination Network: all-nets

Click on OK.

A10466_image5

Step 8: Click on the Configuration tab and select Save and Activate from the dropdown menu. Click on OK to activate and save your changes.

A10466_image6

Tags: , ,

Nov 11

Note: These FAQs were created for firmware version 2.05 and above.

Note: You need to disable any pop-up blockers on your computer.


Connect using DHCP

Step 1: Open a web browser and type the IP address of the DFL in the address bar (default is 192.168.1.1) and press Enter.

Step 2: Enter username and password. Default username and password is admin.

A10186_image1

Step 3: The web GUI will begin with the D-Link setup wizard, or select the Setup Wizard button (available in firmware 2.26 or higher). Click Next.

A10186_image2

Step 4: You can set a new password here by entering the new password and re-typing the password to confirm then click Next.

A10186_image3

Step 5: Select the appropriate time zone then click Next.

A10186_image4

Step 6: Select WAN1 in the dropdown then click Next.

A10186_image5

Step 7: Select DHCP-automatic configuration then click Next.

A10186_image6

Step 8: Select Enable DHCP Servers (Optional) and configure as followed:

  • IP range: enter desired range IP for DHCP clients
  • Subnet Mask: entered corresponding subnet mask
  • Default Gateway: enter LAN IP of the firewall
  • DNS Server: enter desired DNS IP address

Click Next.

A10186_image7

Step 9: Configure the NTP Server as desired (Optional) then click Next.

A10186_image8

Step 10: Click Activate to save the configuration.


Connect using PPPoE

Step 1: Open a web browser and type the IP address of the DFL in the address bar (default is 192.168.1.1) and press Enter.

Step 2: Enter username and password. Default username and password is admin.

A10186_image9

Step 3: The web GUI will begin with the D-Link setup wizard, or select the Setup Wizard button (available in firmware 2.26 or higher). Click Next.

A10186_image10

Step 4: You can set a new password here by entering the new password and re-typing the password to confirm then click Next.

A10186_image11

Step 5: Select the appropriate time zone then click Next.

A10186_image12

Step 6: Select WAN1 in the dropdown then click Next.

A10186_image13

Step 7: Select the radio button labeled PPPoE-account details needed then click Next.

A10186_image14

Step 8: Enter your DSL account details provided by your ISP then click Next.

A10186_image15

Step 9: Select Enable DHCP Servers (Optional).

  • IP range: enter desired range IP for DHCP clients
  • Subnet Mask: entered corresponding subnet mask
  • Default Gateway: enter LAN IP of the firewall
  • DNS Server: enter desired DNS IP address

Click Next.

A10186_image16

Step 10: Configure the NTP Server as desired (Optional) then click Next.

A10186_image17

Step 11:: Click activate to save the configuration.

A10186_image18

Step 12: Click Close after the firewall is done saving the configuration.


Connect using a Static IP

Step 1: Open a web browser and type the IP address of the DFL in the address bar (default is 192.168.1.1) and press Enter.

Step 2: Enter username and password. Default username and password is admin.

A10186_image19

Step 3: The web GUI will begin with the D-Link setup wizard, or select the Setup Wizard button (available in firmware 2.26 or higher). Click Next.

A10186_image20

Step 4: You can set a new password here by entering the new password and re-typing the password to confirm then click Next.

A10186_image21

Step 5: Select the appropriate time zone then click Next.

A10186_image22

Step 6: Select WAN1 in the drop-down then click Next.

A10186_image23

Step 7: Select Static-manual configuration then click Next.

A10186_image24

Step 8: Configure the WAN1 for static public IP address as followed:

  • IP address: enter public IP address provided by ISP
  • NetMask: enter appropriated subnet mask provided by ISP
  • Gateway: enter gateway IP address provided by ISP
  • Primary DNS: enter DNS IP address provided by ISP
  • Secondary DNS: enter DNS IP address provided by ISP

Click Next.

A10186_image25

Step 9: Select enable DHCP Servers (Optional).

  • IP range: enter desired range IP for DHCP clients
  • Subnet Mask: entered corresponding subnet mask
  • Default gateway: enter LAN IP of the firewall
  • DNS Server: enter desired DNS IP address

Click Next.

A10186_image26

Step 10: Configure the NTP Server as desired (Optional) then click Next.

A10186_image27

Step 11: Click Activate to save the configuration.

A10186_image28

Step 12: Click Close after the firewall is done saving the configuration.

Tags: , , ,



 
1 2 3 4 5 Next
css.php