D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: riccio99 on August 02, 2011, 04:16:13 AM

Title: dfl-800 lan to lan VPN block traffic
Post by: riccio99 on August 02, 2011, 04:16:13 AM
Hi all, I have a DFL-800 with a LAN-to-LAN VPN to a branch office.

Now I want to block the traffic from the branch office to the main office so that they can neither ping nor do anything on our network, but I want us in the main office to be able to do everything on their network (remote desktop connection, ping and so on...).

I tried to put in an IP rule this way:
name BLOCK_boffice
action Reject
source interface moff-boff_tunnel (IPsec tunnel)
source network boffLAN (LAN of branch office)
destination interface lan
destination network lannet
services all_services

but it doesn't work; they can still ping and see us on the network share (\\192.168.....)

Can someone please help me?

Thank you!
  

Title: Re: dfl-800 lan to lan VPN block traffic
Post by: danilovav on August 02, 2011, 01:45:55 PM
Just remove/disable the rule
Allow moff-boff_tunnel/boffLAN lan/lannet

Title: Re: dfl-800 lan to lan VPN block traffic
Post by: scrubsguy on August 03, 2011, 10:11:38 PM
Did this work?

Title: Re: dfl-800 lan to lan VPN block traffic
Post by: riccio99 on August 04, 2011, 04:51:45 AM
I'm sorry, I was out for work...

Yes... it worked... or better, it illuminated me... I deleted all the rules and added only one rule:

ALLOW_ALL Allow lan lannet any all-nets all_services

It permits all traffic from the main office over the VPN and blocks all traffic from the branch office over the VPN.

It seems to work...

Thanks a lot for your help.

Title: Re: dfl-800 lan to lan VPN block traffic
Post by: scrubsguy on August 07, 2011, 11:01:58 PM
cool  :)
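
An added illustration of the outcome in this thread (not part of any post, and not D-Link's code): a small Python model of rule evaluation, assuming top-down first-match rules, an implicit drop when nothing matches, and stateful handling of replies. The subnets, host addresses, the rule name allow_boff_in and the position of that Allow rule above BLOCK_boffice are assumptions made for the example.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

# Constructed addressing; the thread does not give the real subnets.
NETS = {"lannet": ip_network("10.0.1.0/24"),     # main office LAN
        "boffLAN": ip_network("10.0.2.0/24"),    # branch office LAN
        "all-nets": ip_network("0.0.0.0/0")}
MAIN_PC, BRANCH_PC = "10.0.1.10", "10.0.2.10"    # constructed hosts
TUNNEL = "moff-boff_tunnel"

# Services are all_services in every rule of the thread, so they are omitted.
Rule = namedtuple("Rule", "name action src_if src_net dst_if dst_net")

def matches(rule, src_if, src_ip, dst_if, dst_ip):
    return (rule.src_if in ("any", src_if) and rule.dst_if in ("any", dst_if)
            and ip_address(src_ip) in NETS[rule.src_net]
            and ip_address(dst_ip) in NETS[rule.dst_net])

class Firewall:
    def __init__(self, rules):
        self.rules, self.states = list(rules), set()

    def new_connection(self, src_if, src_ip, dst_if, dst_ip):
        """Connection-opening packet: first matching rule decides, else drop."""
        for rule in self.rules:
            if matches(rule, src_if, src_ip, dst_if, dst_ip):
                if rule.action == "Allow":
                    self.states.add((src_ip, dst_ip))   # remember the flow
                return rule.action, rule.name
        return "Drop", "(default)"

    def reply_allowed(self, src_ip, dst_ip):
        """Replies pass only for a connection that was already allowed."""
        return (dst_ip, src_ip) in self.states

# Assumed original order: the tunnel Allow rule sits above the Reject rule.
ORIGINAL = [Rule("allow_boff_in", "Allow", TUNNEL, "boffLAN", "lan", "lannet"),
            Rule("BLOCK_boffice", "Reject", TUNNEL, "boffLAN", "lan", "lannet")]
# The single rule from the final post.
FINAL = [Rule("ALLOW_ALL", "Allow", "lan", "lannet", "any", "all-nets")]

def branch_to_main(rules):
    return Firewall(rules).new_connection(TUNNEL, BRANCH_PC, "lan", MAIN_PC)

def main_to_branch_roundtrip(rules):
    fw = Firewall(rules)
    verdict = fw.new_connection("lan", MAIN_PC, TUNNEL, BRANCH_PC)
    return verdict, fw.reply_allowed(BRANCH_PC, MAIN_PC)
```

With ORIGINAL, the branch-initiated connection is decided by the earlier Allow rule and never reaches BLOCK_boffice; with FINAL, it matches nothing and is dropped, while replies to main-office connections still pass.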