Nov 26

When you use the Virtual Server, Port Forwarding, or Remote Administration features to open specific ports to traffic from the Internet, you could be increasing the exposure of your LAN to cyberattacks from the Internet.

In these cases, you can use Inbound Filters to limit that exposure by specifying the IP addresses of internet hosts that you trust to access your LAN through the ports that you have opened. You might, for example, only allow access to a game server on your home LAN from the computers of friends whom you have invited to play the games on that server.

Inbound Filters can be used for limiting access to a server on your network to a system or group of systems. Filter rules can be used with Virtual Server, Gaming, or Remote Administration features. Each filter can be used for several functions; for example a “Game Clan” filter might allow all of the members of a particular gaming group to play several different games for which gaming entries have been created. At the same time an “Admin” filter might only allows systems from your office network to access the WAN admin pages and an FTP server you use at home. If you add an IP address to a filter, the change is effected in all of the places where the filter is used.

Below is a list of each option with a description of its use:

DIR-868L-Inbound-Filter

Add/Edit Inbound Filter Rule
Here you can add entries to the Inbound Filter Rules List below, or edit existing entries.

Name
Enter a name for the rule that is meaningful to you.

Action
The rule can either Allow or Deny messages.

Source IP Range
Define the ranges of Internet addresses this rule applies to. For a single IP address, enter the same address in both the Start and End boxes. Up to eight ranges can be entered. The Enable checkbox allows you to turn on or off specific entries in the list of ranges.

Save
Saves the new or edited Inbound Filter Rule in the following list. When finished updating the Inbound Filter Rules List, you must still click the Save Settings button at the top of the page to make the changes effective and permanent.

Inbound Filter Rules List
The section lists the current Inbound Filter Rules. An Inbound Filter Rule can be changed by clicking the Edit icon, or deleted by clicking the Delete icon. When you click the Edit icon, the item is highlighted, and the “Edit Inbound Filter Rule” section is activated for editing.

In addition to the filters listed here, two predefined filters are available wherever inbound filters can be applied:

Allow All
Permit any WAN user to access the related capability.

Deny All
Prevent all WAN users from accessing the related capability. (LAN users are not affected by Inbound Filter Rules.)

Tags: , , ,

Apr 25

The firewall security features built into the D-Link DI-624 router prevent users from accessing the video from the D-Link DCS-2120 over the Internet. The router connects to the Internet over a series of numbered ports. The ports normally used by the D-Link DCS-2120 are blocked from access over the Internet. Therefore, these ports need to be made accessible over the Internet. This is accomplished using the Virtual Server function on the DI-624 router. The Virtual Server ports used by the camera must be opened through the router for remote access to your camera. Virtual Server is accessed by clicking on the Advanced tab of the router screen.

Follow these steps to configure your router’s Virtual Server settings:

**In this example, we are using the DI-624. The Virtual Server interface may differ depending on your router*.

Follow these steps to configure the Virtual Server settings of the D-Link DI-624:

Step 1: Open a web browser such as Internet Explorer and enter the IP address of your router (192.168.0.1). Enter username (admin) and your password (leave blank).

Step 2: Click on the Advanced tab and then the Virtual Server button on the left.

Step 3: Click Enabled.

Step 4: Enter a different name for each entry.

Step 5: Enter your camera’s local IP Address Private IP field.

Step 6: Select TCP for HTTP port and both (TCP and UDP) for RTSP port.

Step 7: If you are using the default camera port settings, enter 80 into the Public and Private Port section, click Apply.

Step 8: Scheduling should be set to Always so that the camera images can be accessed at any time.

Repeat the above steps adding the port 554 to both the Public and Private Port sections. A check mark appearing before the entry name will indicate that the ports are enabled.

Important: Some ISPs block access to port 80 and other commonly used Internet ports to conserve bandwidth. Check with your ISP so that you can open the appropriate ports accordingly. If your ISP does not pass traffic on port 80, you will need to change the port the camera uses from 80 to something else, such as 800. Not all routers are the same, so refer to your user manual for specific instructions on how to open ports.

Enter valid ports in the Virtual Server section of your router. Please make sure to check the box next to the D-Link camera name on the Virtual Server List to enable your settings.

Tags: , , ,

Mar 06

1.Virtual Server Configuration

The D-Link DIR-601 can be configured as a virtual server so that remote users accessing Web or FTP services via the public IP address can be automatically redirected to local servers in the LAN (Local Area Network).

The D-Link DIR-601 firewall feature filters out unrecognized packets to protect your LAN network so all computers networked with the DIR-601 are invisible to the outside world. If you wish, you can make some of the LAN computers accessible from the Internet by enabling Virtual Server. Depending on the requested service, the D-Link DIR-601 redirects the external service request to the appropriate server within the LAN network.

The D-Link DIR-601 is also capable of port-redirection meaning incoming traffic to a particular port may be redirected to a different port on the server computer.

D-Link-DIR-601-Virtual-Server

Each virtual service that is created will be listed at the bottom of the screen in the Virtual Servers List. There are pre-defined virtual services already in the table. You may use them by enabling them and assigning the server IP to use that particular virtual service.

This will allow you to open a single port. If you would like to open a range of ports, refer to the next page.

D-Link-DIR-601-DDNS

Name:

Enter a name for the rule or select an application from the drop-down menu. Select an application and click << to populate the fields.

IP Address:

Enter the IP address of the computer on your local network that you want to allow the incoming service to. If your computer is receiving an IP address automatically from the router (DHCP), you computer will be listed in the “Computer Name” drop-down menu. Select your computer and click <<. Private Port/Public Port: Enter the port that you want to open next to Private Port and Public Port. The private and public ports are usually the same. The public port is the port seen from the Internet side, and the private port is the port being used by the application on the computer within your local network. Protocol Type: Select TCP, UDP, or Both from the drop-down menu. Protocol Type:Select TCP, UDP, or Both from the drop-down menu. Inbound Filter: Select Allow All (most common) or a created Inbound filter. You may create your own inbound filters in the Advanced > Inbound Filter page.

Schedule:

The schedule of time when the Virtual Server Rule will be enabled. The schedule may be set to Always, which will allow the particular service to always be enabled. You can create your own times in the Tools > Schedules section.

2.DDNS Configuration

The DDNS feature allows you to host a server (Web, FTP, Game Server, etc…) using a domain name that you have purchased (www.whateveryournameis.com) with your dynamically assigned IP address. Most broadband Internet Service Providers assign dynamic (changing) IP addresses. Using a DDNS service provider, your friends can enter in your domain name to connect to your server no matter what your IP address is.

D-Link-DIR-601-DDNS2

Enable DDNS: Check to enable DDNS.

Server Address:Choose your DDNS provider from the drop down menu.

Username or Key:Enter the Username for your DDNS account.

Password or Key:Enter the Password for your DDNS account.

Timeout:Enter a time (in hours).

Status:Displays the current connection status to your DDNS server.

Tags: , , ,

Feb 03

The D-Link DGL-4500 can be configured as a virtual server so that remote users accessing Web or FTP services via the public IP address can be automatically redirected to local servers in the LAN (Local Area Network).

The D-Link DGL-4500 firewall feature filters out unrecognized packets to protect your LAN network so all computers networked with the DGL-4500 are invisible to the outside world. If you wish, you can make some of the LAN computers accessible from the Internet by enabling Virtual Server. Depending on the requested service, the DGL-4500 redirects the external service request to the appropriate server within the LAN network.

The DGL-4500 is also capable of port-redirection meaning incoming traffic to a particular port may be redirected to a different port on the server computer.

Each virtual service that is created will be listed at the bottom of the screen in the Virtual Servers List. There are
pre-defined virtual services already in the table. You may use them by enabling them and assigning the server IP to use that particular virtual service.

dlink-dgl-4500-Virtual-Server

Enable:

Check this box to enable the rule.

Name:

Enter a name for the rule or select an application from the drop-down menu. Select an application and click << to populate the fields.

IP Address:

Enter the IP address of the computer on your local network that you want to allow the incoming service to. If your computer is receiving an IP address automatically from the router (DHCP), you computer will be listed in the “Computer Name” drop-down menu. Select your computer and click <<.

Protocol Type:

Select TCP, UDP, or Both from the drop-down menu. Private Port/Public Port: Enter the port that you want to open next to Private Port and Public Port. The private and public ports are usually the same. The public port is the port seen from the Internet side, and the private port is the port being used by the application on the computer within your local network. Schedule: The schedule of time when the Virtual Server Rule will be enabled. The schedule may be set to Always, which will allow the particular service to always be enabled. You can create your own times in the Tools > Schedules section.

Inbound Filter:

Select Allow All (most common) or a created Inbound filter. You may create your own inbound filters in the Advanced > Inbound Filter page.

Tags: , ,

Aug 30

You can use the Virtual Server to forward an individual port to one of your computers. You cannot forward the same port to multiple computers. In order to configure the D-Link Virtual Server you need to know the IP address of the computer that needs the port opened and the service port number. The links below will help you find the IP address of your machine. If you don’t know which port needs to be opened, try checking the software manufacture’s support website for information on use behind firewall.

Configuring the Virtual Server on D-Link DI-604:

Step 1: Access the device configuration by entering 192.168.0.1 in your web browser. Login with your username and password. The default username is admin and the password is blank.

Step 2a: If the port you need to forward is a common port, it will be under the predefined virtual server list at the bottom of the page. Click the pad and paper icon next to the virtual server entry you want to use. The Protocol Type and Service Port fields are preconfigured. Click the Enable radio button to use the virtual server. Enter the private IP address of the computer that will use the service port. Configure the Schedule as needed, then Apply your settings.

dlink-di-604-firewall-1

Step 2b: If the port you need to forward is not listed under the predefined virtual server list at the bottom of the page, you can create a new entry for your application. Click the Enable radio button to use the virtual server. Give your virtual server a name. Next, enter the private IP address of the computer that will use the service port. Then, select the Protocol Type and enter the Service Port. If you don’t know how to use Private and Public port assignment, then just enter the same port number in both fields. Configure the Schedule as needed and Apply your settings.

dlink-di-604-firewall-2

Tags: , ,



 
1 2 Next
css.php