D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: tsgiannis on March 28, 2011, 09:50:18 AM
-
Hello to everybody
I am trying to activate the transparent mode but unfortunately its just doesn't "play"
The situation is like this
I have a network in the form 10.xxx.xxx.xxx and a subnet mask 10.xxx.xxx.xxx/20
Right now there is an ADSL router which serves as the Internet gateway for the whole company.
Because i didn't wanted to change anything in the configuration i decided to use the transparent mode (the scenario 1)
My router has an IP 10.0.0.100 and i decided to use 10.0.0.200 for the DFL-210
So far so good i see the router,i see the DFL-210
I set wan Interface with wan_ip 10.0.0.100,wannet 10.0.0.0/20 Gateway 10.0.0.100
and the lan_ip like 10.0.0.200 and and lannet 10.0.0.0/20. Gateway 10.0.0.100 (i tried with and without) enable transparent mode in both and automatic add default route....(the advanced tab)
I went to rules and i defined the HTTPAllow with source lan - lannet / wan all-nets ( i have tried a lot of combinations but nothing) ....
When i unplug the router from the switch and plug on the wan port of DFL-210 NO internet(port 1 of DFL to switch) .So what am i missing
I even upgraded the DFl to latest firmware.
I set the IP rule like in the manual source/destination
-
Hi:
1.- In transparent mode at least WAN and LAN interfaces must be checked as transparent and both must be configured in the same ip range (subnet). Router ip also.
2.- If you are using transparent mode you only need configure the gateway ip for the wan interface, nothing for the lan interface.
3.- For internet access you only need the default rule configured by default "allow_standard". This rule includes all tcp/udp standard services. You do not need configure other http rule.
4.- In transparent mode it's the same if you configure NAT or ALLOW. You can leave the NAT rule as default.
5.- Be sure that your clients are configured as if there is not any firewall; in other words, gateway ip is the router ip.
6.- WAN interface connected to router and lan interface connected to your local network.
Remain that transparent mode performs right.
I'm using it at this moment
Regards
-
Well......nothing...is not working...
Here is a pic of my network
(http://i54.tinypic.com/259xzsm.png)
and here is the guide on page 173 of the DFL-210 manual
Example 4.14. Setting up Transparent Mode for Scenario 1
Web Interface
Configure the interfaces:
1. Go to Interfaces > Ethernet > Edit (wan)
2. Now enter:
• IP Address: 10.0.0.1
• Network: 10.0.0.0/24
• Default Gateway: 10.0.0.1
• Transparent Mode: Enable
3. Click OK
4. Go to Interfaces > Ethernet > Edit (lan)
5. Now enter:
• IP Address: 10.0.0.2
• Network: 10.0.0.0/24
• Transparent Mode: Enable
6. Click OK
Configure the rules:
1. Go to Rules > IP Rules > Add > IPRule
2. Now enter:
• Name: HTTPAllow
• Action: Allow
• Service: http
• Source Interface: lan
• Destination Interface: any
• Source Network: 10.0.0.0/24
• Destination Network: all-nets (0.0.0.0/0)
3. Click OK
-
But ....... ???
The WAN IP of the DFL is the same IP of the router ?. It is not possible.
-
I followed the instructions.... :o
at least in this pic from the manual
(http://i56.tinypic.com/2zg8ej9.png)
at least to my eyes it reads like the Wan Ip of DFL and Ip of the Router is the Same
Should i choose some other IP(?)
-
Well thanks....the other IP did the trick...i guess i must learn to "read and guess" the manuals of D-Link.
My fault is i didn't read the Layer-2 documentation..... :-[
But from what i've read it was like this."We instruct the Firewall that the Wan uses an IP which already belongs to the router but no matter what packages from ADSL router will be translated to something intermediate inside the Firewall (not seen)...processed and returned to the network as if they were originated from the router...and this goes the other way around".
Its time for some TCP/IP reading......