D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: navi on June 15, 2011, 12:22:51 AM

Title: DFL Command Line Interface
Post by: navi on June 15, 2011, 12:22:51 AM

I'm using DFL-800 firmware 2.27.03.25-14780


I wonder why CLI commands described in:
http://files.dlink.com.au/Products/DFL-800/REV_A/Manuals/NetDefendOS_2.27.03_CLI_Guide.pdf
doesn't work ;/

For example:
3.30.7. L2TPServer(p. 140) -  has Property:
"MemberOfRoutingTable -  All or Specific. (Default: All)"


DFL-800:/> set Interface L2TPServer MyL2TP_Server MemberOfRoutingTable="myTable"

Error: Invalid property name "MemberOfRoutingTable".
DFL-800:/>

When I use tab key to see which properties are avaible in current context I get:

DFL-800:/> set Interface L2TPServer MyL2TP
<key-value pair>:

 AllowedRoutes  DNS1  Interface  IPPool    MPPERC4128  MPPERC456  NBNS1  ProxyARPAllInterfaces  ServerIP        UseUserAuth
 Comments       DNS2  IP         MPPENone  MPPERC440   Name       NBNS2  ProxyARPInterfaces     TunnelProtocol

So comparing with documentation properties: RoutingTable, MemberOfRoutingTable, MPPEAllowStateful are missing.

Does anyone know why ??

Title: Re: DFL Command Line Interface
Post by: danilovav on June 15, 2011, 03:33:57 AM

First, possible options depend from type of server

Code: [Select]

Home-800:/> set Interface L2TPServer pptps_wan2
<key-value pair>:

 AllowedRoutes  DNS1  Interface  IPPool             MPPENone    MPPERC440  Name   NBNS2                  ProxyARPInterfaces  TunnelProtocol
 Comments       DNS2  IP         MPPEAllowStateful  MPPERC4128  MPPERC456  NBNS1  ProxyARPAllInterfaces  ServerIP            UseUserAuth

 Other valid options: -disable, <enter>

Home-800:/> set Interface L2TPServer l2tps_vlan33
<key-value pair>:

 AllowedRoutes  DNS1  Interface  IPPool    MPPERC4128  MPPERC456  NBNS1  ProxyARPAllInterfaces  ServerIP        UseUserAuth
 Comments       DNS2  IP         MPPENone  MPPERC440   Name       NBNS2  ProxyARPInterfaces     TunnelProtocol

 Other valid options: -disable, <enter>
As you can see, MPPEAllowStateful is possible for PPTP server

Options MemberOfRoutingTable, MPPEAllowStateful seem not implemented in current version or disabled in DFL-800

Title: Re: DFL Command Line Interface
Post by: navi on June 15, 2011, 05:44:12 AM

So there are mistakes in documentations.

I'm intrested in property RoutingTable of VLAN interface.
I hoped that CLI will support it, because http doesn't have this option.

I need this because I want to configure 2 transparent systems.
1-WAN1+dmz
2-WAN2+VLAN on dmz interface

I configured new routing table for switched routes WAN2 wan2_net and VLANDMZ wan2_net,
but I get this error:
CFG WARNING: Iface 'VLANDMZ' has no specific routing table assigned to it. Using 'main' routing table for switching.


CLI Documentation (3.30.10 VLAN) has this property, but:

Quote

DFL-800:/> set Interface VLAN VLANDMZ RoutingTable=switched2table
Error: Invalid property name "RoutingTable".

So it's not implemented ;/

Title: Re: DFL Command Line Interface
Post by: danilovav on June 15, 2011, 06:39:27 AM

It can be removed by licence same as HA (for example)
Possible, it can be used on higher models