D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: bubbleman on February 11, 2011, 03:05:34 PM

Title: DMZ Transparent Mode
Post by: bubbleman on February 11, 2011, 03:05:34 PM

Hi everyone, I need to change the DFL-800 configuration, in this way:

WAN1: IP Public (XXX.82.215.94) / Net: XXX.82.215.88/29 / Gateway: XXX.82.215.89
DMZ: (servers with ip public) for example: PBX with two nics: IP PUBLIC: XX.82.215.90 and IP LAN: 10.100.1.6

I don't know how to configure DMZ, to work in transparent mode, because the servers need to connect to internet with IP public, and without NAT.

Any suggestion would be appreciate.

Thxs. ???

Title: Re: DMZ Transparent Mode
Post by: silver_surfer30 on February 13, 2011, 04:52:09 AM

what you can do is to configure the dmz interface with same ip settings than the wan1 interface and in the interface/ethernet/dmz tick the enable transparent mode box.
Your servers will have as default gatewy your isp router.

Title: Re: DMZ Transparent Mode
Post by: bubbleman on February 13, 2011, 06:52:37 AM

I have tried this. But the server cannot reached to/from the public IP. I fact, from tools/ping inside the FW, I cannot ping to the public ip.

Now, the DMZ have the same IP, same network, and same gateway. And transparent mode in dmz interface.

Maybe I need add some Ip rules.??

Thxs.

Title: Re: DMZ Transparent Mode
Post by: silver_surfer30 on February 13, 2011, 10:26:01 AM

you need to do the reverse allow rule from the wan1 to the dmz.

Title: Re: DMZ Transparent Mode
Post by: bubbleman on February 13, 2011, 10:33:06 AM

Could you give more details? I have no experience with this brand firewall.

Thxs.

Title: Re: DMZ Transparent Mode
Post by: bubbleman on February 14, 2011, 07:28:30 AM

Hi, I have include an images about the actual configuration, maybe could help to see if Im doing something wrong.

Mainroutes:
(http://img822.imageshack.us/img822/1953/dfl800mainroutes.th.png) (http://img822.imageshack.us/i/dfl800mainroutes.png/)

Ethernet:
(http://img266.imageshack.us/img266/6584/dfl800ethernet.th.png) (http://img266.imageshack.us/i/dfl800ethernet.png/)

IP Rules:
(http://img218.imageshack.us/img218/5641/dfl800rutes.th.png) (http://img218.imageshack.us/i/dfl800rutes.png/)

Interfaces:
(http://img7.imageshack.us/img7/2944/dfl800interfaces.th.png) (http://img7.imageshack.us/i/dfl800interfaces.png/)

And I have connected the PBX Public Nic direcly to DMZ port, and from ping tools inside the firewall I cannot ping to PBX and from PBX cannot reach internet.

Thanks ;-)

Title: Re: DMZ Transparent Mode
Post by: bubbleman on February 15, 2011, 12:42:05 AM

Finally, I solved the problem, You need to activate the transparent mode in both DMZ and WAN, and works.  ;D