D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: ginopaleo on March 14, 2011, 09:20:25 AM

Title: DMZ on DFL-210
Post by: ginopaleo on March 14, 2011, 09:20:25 AM

Hi to everyone, I have problems with a server on DMZ, and I'm not able to write the correct set of rules.
That's my scenario (similar to the former).
I have my PUBLIC IP 1.1.1.1
I gave my DMZ port on DFL-210 the IP 192.168.0.1
Really I would like to have a hub behind my DMZ port, because I want to connect several servers to my only DMZ port and control their in/outcoming traffic with the rules of my DFL-210
Say I'm interested in server 192.168.0.3.
I want that TCP traffic, incoming on ext port say 1.1.1.1:2222 will be redirected to the same port of my server 192.168.0.3 in the DMZ area, and the traffic on ext port say 1.1.1.1:3333 will be redirected to port 4444 of my server 192.168.0.3 in the DMZ area
In a few words: 1.1.1.1:2222 --> 192.168.0.3:2222 and 1.1.1.1:3333 --> 192.168.0.3:4444
I have till now installed another router/firewall and it works correctly, but I want to substitute it with DFL-210 and that's why I'm having troubles.
Could you someone help me, please?
Thanks
Gino

Title: Re: DMZ on DFL-210
Post by: silver_surfer30 on March 15, 2011, 01:39:37 AM

so you need to create 2 sat rules and 2 allow rules.
Be sure that you have configure the ip rules to nat trafic from dmz to your wan interface.

sat wan/all-net services service 3333 core/1.1.1.1 and in the sat tab select the 192.168.0.3 and specify the new port.
create the appropriate allow rule like this:
allow wan/all-nets service 3333 core/1.1.1.1

Do the same for other port.