D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: gmac on November 07, 2012, 12:18:03 AM

Title: DFL-210 Filter LAN to LAN
Post by: gmac on November 07, 2012, 12:18:03 AM

Hi,

How can I configure FW that one or more LAN clients (e.g.: 192.168.0.100) allow only WAN (don't allow any service on LAN e.g.: drop ping 192.168.0.101)?

Thanks
gmac

Title: Re: DFL-210 Filter LAN to LAN
Post by: danilovav on November 20, 2012, 01:16:35 PM

Because internal LAN traffic is going without DFL's control, you can't do it very simple.

DFL provides you two solutions:
1) transparent mode
2) routing (different network from lannet)

Both solutions require to put limited client(s) into separated interface (DMZ, one of LANs on DFL-260E/860E or VLAN) and allow only traffic to WAN, but don't allow (e.g. block) traffic to LAN.

Title: Re: DFL-210 Filter LAN to LAN
Post by: gmac on November 21, 2012, 03:42:59 AM

OK, the VLAN is my friend  :)

Thanks
gmac