D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: bart586 on June 17, 2009, 12:13:05 AM

Title: NEW Dlink DFL-260 USeR!
Post by: bart586 on June 17, 2009, 12:13:05 AM

Hi All, Sorry to Sound thick, BUT

We are used to using Sonicwall TZ190 UTMs with VPN etc etc and want to move to these DFL260 units


Configs are a lot different, and have tried a test setup, BUT having problems with DNS

Typing an internet IP address brings the page up but typing a name fails

Any pointers on a basic setup & Rules, before we start looking at VPN and other stuff??

Thanks in Advance

Title: Re: NEW Dlink DFL-260 USeR!
Post by: Fatman on June 17, 2009, 09:01:01 AM

What is your PC using as a DNS server?  If it is using the IP of the DFL then the easiest solution would be to implement a port forward like the below.

Action: SAT
Service: dns
Source Interface: LAN
Source Network: LAN_Net
Destination Interface: core
Destination Network: LAN_IP
SAT Destination: DNS_Server

Action: NAT
Service: dns
Source Interface: LAN
Source Network: LAN_Net
Destination Interface: core
Destination Network: LAN_IP

Title: Re: NEW Dlink DFL-260 USeR!
Post by: bart586 on June 18, 2009, 12:27:21 AM

Thanks for THat, we cant get anything now, Factory reset it, and did the basic set up which states it should allow all traffic through the unit, But Nothings flowing

There doesnt even seem to be a option to monitor or test the wan connection, Maybe trying to move to Dlink from sonicwall is not such a good idea afterall


Thanks

Title: Re: NEW Dlink DFL-260 USeR!
Post by: Fatman on June 18, 2009, 08:06:37 AM

What kind of WAN connection are you using?
What is listed under Status->Interfaces->WAN?
Can you get out if you assign a static IP, gateway, and DNS information on a PC?

Title: Re: NEW Dlink DFL-260 USeR!
Post by: bart586 on June 19, 2009, 12:21:28 PM

OK, Thanks for all your info, Moving on

Reconfig'd ADSL Router, Reset (again!) and matched STATIC WAN info on DFL

Now get Web pages through DFL-260 - Yay!!

Setup WCF as per the basic instructions 'configuration examples for the dlink netdefend firewall series dfl260/860'

BUT it seems to block all pages, even whitelisted ones....

Browser says 'Web site found' in the usual way, but then fails to display anything??

Removing the Rule its OK again

Help

Thanks

Title: Re: NEW Dlink DFL-260 USeR!
Post by: Fatman on June 19, 2009, 01:19:50 PM

The rule for URL ALGs (which is different than WCF, which uses a similar rule) is a NAT rule not a drop or reject rule.

Title: Re: NEW Dlink DFL-260 USeR!
Post by: bart586 on June 22, 2009, 02:07:58 AM

Sorted filtering, However Netdefend will block facebook.com but not www.facebook.com ?!??!

Is there anyway to change the Blocked message, As for Us it gives Too much info, We just want to say the page has been Block and who to contact about it...

Also Is there anywhere to submit a site for rating?


Thanks

Title: Re: NEW Dlink DFL-260 USeR!
Post by: Fatman on June 22, 2009, 08:10:16 AM

If you are filtering by blacklist try making it *facebook.com*.

There is no way to change the blocked message to my knowledge.

If you are using WCF, every site you visit is submitted for rating.  WCF works by forwarding every URL for approval.  Those not recognised should be reviewed (I have no information on the delay or how many new sites per day get reported or reviewed) and flagged by machine if a machine can do it, then by human failing that.