D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: Pumatj01 on December 11, 2011, 08:24:14 PM
-
Hi i hope some one can help me!!! i just purchase a DFL-860 firewall and i can get the firewall to give me access to the internet :-[, i ran the setup wizard at the begining and i specified the parameter like the wizard ask, for example:
It ask how the WAN1 port is going to connect to the internet and it gives me 5 option: 1.-Static IP, 2.-DHCP server, 3.-PPPoE, 4.-PPTP and 5.-Big Pot.
So i marked the number 2 option witch is DHCP seens that is the one that my ISP is giving me.
The wizard ask if i wanted to eneble the DHCP services for the LAN ports and i enebleit and gave the parameter wich are:
Ip Range:192.168.1.10-192.168.160
Subnet mask:255.255.255.0
Gateway:192.168.1.1
DNS:192.168.1.1
now wen i go to the other computers on my network wich are 35 they all get a ip address, subnetmask,gateway and dns, but i dont get internet access.
I went on the progamming panel to interfaces--->WAN1 and i see this:
name: WAN1_ip
IP:0.0.0.0 (cant edit or modify)
active ip:189.220.38.65 (this is the ip that the cable modem is giving me)
name: WAN1_sb
subnetmask:0.0.0.0 (cant edit or modify)
active subnet:255.255.255.0(this is the subnet mask that the cable modem is giving me)
name: WAN1_gw
Gateway:0.0.0.0 (cant edit or modify)
active gateway:189.220.38.1(this is the gateway that the cable modem is giving me)
name: WAN1_dns1
DNS: 0.0.0.0 (cant edit or modify)
active DNS1:200.77.213.251(this is the DNS1 that the cable modem is giving me)
name: WAN1_dns2
DNS:0.0.0.0 (cant edit or modify)
active DNS2:200.77.213.250(this is the DNS2 that the cable modem is giving me)
And on interface status an dont get any ip, subnet mask, gateway and DNS.
So i dont know way i dont get any internet access seens it seems that the firewall is getting the necesary data from the modem, and i try putting a router after the modem and before the DFL-860 and i get the same problem, can any one tell me what em i doing wrong or is there and additional step or additional configuration that i need to do because i need to setup this firewall ASP with internet access.
thanks hope any one can help me!!!!!
-
Have you defined ip-rules that allow internet access from your lan network?
Should be a NAT rule that allow traffic from you lan interface and lan network to wan interface all-nets
-
Nop because sens on the WAN1 interfaces a don't get the ip address, Subnet mask, gateway and DNS, on the top were it says 0.0.0.0 it suppose to say the ip address,subnetmask, gateway and DNS that the cable company is given me that is way im stock there!!!!!!!!!
-
Isnīt 189.220.38.65 the ip that you are getting?
It says 0.0.0.0 when you have dhcp enabled, if you look closer on the itnerface you should see that it has been assigned ip settings.
-
Ok yeah i see now, the IP address, Subnet, Gateway and the DNS are the ones from my ISP, now what i need to know is how in tha hell do i open access to the internet for my network, because i see that the DFL-860 has internet access and i confirm this by doing a ping to an outside ip address from the control panel of the DFL-860, and i get a response, but wen i try to access the internet from any computer of my network the firewall is blocking the internet request and i don't get any access to the web, so con any one tell me what are the proper steps i need to take in order to achieve access to the internet.
P.S. Pleases do not give me an other manual to read because i already read several of them and not one of the manual i read has the answer i need .
I hope some one can help me thanks!!!!!!
-
By default firewalls are dropping everything.
What you need to do is to create a NAT rule for outbound access in the ip rules section.
Something like this:
NAT src.if src.net dest.if dest.net all-services
In your case source interface and network is your LAN interface and LAN network.
And destination interface is wan and destination network is all-nets (that is the internet)
The service to use on this rule is "all-services", that means all tcp/udp ports and all other ip protocols are allowed.
-
By default (after wizard) DFL allows (NAT) everything from lan to wan
Just, it doesnt have DNS relay configuration, so try just ping by IP and use external DNS on clients