D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: araujodocarmo on January 13, 2011, 08:18:43 AM

Title: Define users who can access sites
Post by: araujodocarmo on January 13, 2011, 08:18:43 AM
Hello

How can I set a group of users by IP, in order to gain access to sites that are on the blacklist?

Thanks
Title: Re: Define users who can access sites
Post by: araujodocarmo on January 14, 2011, 02:25:28 AM
Nobody can help me?

 I have a Dlink DFL 200
Title: Re: Define users who can access sites
Post by: silver_surfer30 on January 14, 2011, 01:06:17 PM
Download this file: ftp://ftp.dlink.co.uk/dfl_firewall/dfl-700/dfl-700_User_Authentication_example.pdf

Then use the http_outbound service.
Title: Re: Define users who can access sites
Post by: araujodocarmo on January 21, 2011, 08:34:26 AM
Thanks

The link is not working.

Bye
Title: Re: Define users who can access sites
Post by: silver_surfer30 on January 21, 2011, 12:12:26 PM
Ok. Link is working but anyway.
Find below a how-to:

This document will show how the DFL-700 is configured for user access control using the User Authentication function. This example only shows policies based on HTTP and FTP access however the User Authentication function can be used on any policy that you have created. The DFL-700 can be used with a RADIUS server if there are a large number of users that need to be supported.

1 - The first thing to do is to change the default HTTP and HTTPS Administration ports. This is because the 'User Authentication' function will now use port 80 and 443. To change the HTTP/HTTPS Administration, click on System -> Administration. Change the HTTP and HTTPS port to the preferred port. In this example, the ports are HTTP (8080) and HTTPS (444). Click on Apply.

2 - Go into Firewall -> Users. Select the option for Enable User Authentication via HTTP/HTTPS. Select the HTTPS only option and set the Timeout as desired. Click on Apply. Click on Add New at the bottom of the screen to add users.

3 - Enter the Username, Group Membership (webusers) and Password for the user. Add more users/groups as needed. Click on Apply when finished.

4 - Now it's time to specify which groups according to the policy. Go into Firewall -> Policy -> LAN->WAN. This firewall has 4 rules configured in total and 2 are for outgoing FTP and HTTP connections. Click on Edit against allow_http

5 - Type in the group 'webusers' under the Users/Groups field under Source Nets. Click on Apply

6 - Go into Firewall -> Policy -> LAN->WAN and this time edit the allow_ftppassthrough policy. Type in the group 'ftpusers' under the Users/Groups field under Source Nets. Click on Apply

7 - Click on Activate at the bottom left hand corner of the screen.

8 - Click on the 'Activate Changes' button.

9 - After the DFL-700 has rebooted you will find that you will no longer be able to access the Internet as before. In order to access the Internet, you will need to login to the DFL-700 to get access. To do this, type in https://192.168.1.1. You will now get an Authentication screen as shown below instead of the DFL-700 administration screen. Type in the username and password and then click on Submit.

10 - You will now get the screen below once you have successfully logged in. You just minimise this screen while logged in.

11 - The user in the webuser group should now be able to access the Internet whilst logged in.

Basically that should do it... just follow

Title: Re: Define users who can access sites
Post by: scrubsguy on July 21, 2011, 01:22:52 AM
Will this work on the DFL-210?

I have about 4 of these units (office and home) and would like to have this function.
Title: Re: Define users who can access sites
Post by: danilovav on July 21, 2011, 09:31:52 AM
On the DFL-210 you can define rules on the basis of source IP/network and limit servers by destination IP/network and/or by HTTP ALG.
Title: Re: Define users who can access sites
Post by: scrubsguy on July 21, 2011, 10:11:04 PM
Thanks, will try this on my home network first.