D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: tsgiannis on August 03, 2011, 04:04:01 AM

Title: 1:N with port handling(port translation)
Post by: tsgiannis on August 03, 2011, 04:04:01 AM
Hello to everybody ,
I have this scenario and i can't understand from the manual how to do it.

I have a set of security Lan/Wlan Cameras ...10 of them

I would like to monitor them from the outside but my ADSL router has limited port forwarding capabilities so i have to use the DFL-210..

I would like to do something like this
SecCamera01 --> StaticIp:10000 ------> InternalIP_of_the_Camera1:8080
SecCamera02 --> StaticIp:10001 ------> InternalIP_of_the_Camera2:8080
.................................................................................................
SecCamera10 --> StaticIp:10009 ------> InternalIP_of_the_Camera10:8080

Is also acceptable this scenario

SecCamera01 --> StaticIp:10000 ------> InternalIP_of_the_Camera1:8080
SecCamera02 --> StaticIp:10001 ------> InternalIP_of_the_Camera2:8081
.................................................................................................
SecCamera10 --> StaticIp:10009 ------> InternalIP_of_the_Camera10:8089
 Although i have to admit that the 1st scenario is much better
 
Right now i have followed the guides i have established the SAT/NAT rules combination for 1 camera but i think is a lot awkward to do this for 10 camers...also i have some other cases (future) that will require a lot of rules....:(
So if u have met this case please help















Title: Re: 1:N with port handling(port translation)
Post by: danilovav on August 03, 2011, 12:17:53 PM
You can combine a little bit

First, make service group from all camera services, ex
camera_10000 tcp/10000
camera_10001 tcp/10001
camera_group = camera_10000 + camera_10001

Then, you can use rule style below
SAT wan/all-nets core/wan_ip camera_10000, SAT: new source = InternalIP_of_the_Camera1, new port = 8080
SAT wan/all-nets core/wan_ip camera_10001, SAT: new source = InternalIP_of_the_Camera2, new port = 8080
Allow wan/all-nets core/wan_ip camera_group
Title: Re: 1:N with port handling(port translation)
Post by: tsgiannis on August 03, 2011, 09:55:46 PM
Just to see i***et the point
I have to create a service for each and every camera...and if i have lets 100 cameras i would have to create 100 individual entries as service.
My question is ..can't i do it with  a service that has an ip range?
Something like : SecurityCams /10000-10009.
And then according to the port redirected to the Internal IP...and the specific port?
If it can't be done then no problem ( i am already using this ...except the service group...nice idea by the way)
Title: Re: 1:N with port handling(port translation)
Post by: scrubsguy on August 03, 2011, 10:19:05 PM
yes the services needs to be setup for this to work... is it IP camera's , if you can get the mac ADD then  it will be easier maybe..to setup ..then all you is just add the physical ADD to your interface ADD