User's manual
Since policy matching works on a first-match principle, you must add the deny policy above the accept policy
in the policy list. For more information, see Policy matching and Arranging policies in the policy list.
Adding an incoming policy to deny connections
• Add the schedule for denying access. See Schedules.
• Add any addresses for which to deny connections. See Addresses.
• Go to Firewall > Policy > Incoming .
• Find the policy that you want to deny access to and click Insert Policy before.
This inserts a new policy in the list above the policy to be denied.
• Configure the new policy to match the policy to block.
Select the schedule that you added. Select the address you added.
Set Action to DENY.
For descriptions of the policy fields, see Adding policies.
• Click OK to save the policy.
The deny policy is added to the policy list above the policy that accepts connections.
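The ordering rule above, modelled as an added example (not taken from the DFL-500 manual or firmware): a first-match evaluator, plus a check that reports policies which can never match because an earlier policy covers them. The Policy fields, policy names, addresses and hour-based schedule are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Policy:
    name: str
    source: str    # CIDR range the policy applies to (assumed field)
    hours: range   # schedule as hours of the day, e.g. range(0, 6) (assumed field)
    action: str    # "ACCEPT" or "DENY"

    def matches(self, src_ip, hour):
        return ip_address(src_ip) in ip_network(self.source) and hour in self.hours

def first_match(policies, src_ip, hour):
    """Return the action of the first policy that matches, reading top down."""
    for p in policies:
        if p.matches(src_ip, hour):
            return p.action
    return None  # no policy in this list matched

def shadowed(policies):
    """Names of policies that can never match because an earlier policy
    already covers their whole source range and schedule."""
    found = []
    for i, later in enumerate(policies):
        for earlier in policies[:i]:
            covers_net = ip_network(later.source).subnet_of(ip_network(earlier.source))
            covers_time = set(later.hours) <= set(earlier.hours)
            if covers_net and covers_time:
                found.append(later.name)
                break
    return found

# Constructed sample policies; 192.0.2.0/24 is a documentation address range.
ALWAYS = range(0, 24)
accept_all = Policy("accept-incoming", "0.0.0.0/0", ALWAYS, "ACCEPT")
deny_night = Policy("deny-range-at-night", "192.0.2.0/24", range(0, 6), "DENY")

CORRECT = [deny_night, accept_all]  # deny inserted before the accept policy
WRONG = [accept_all, deny_night]    # deny placed below the accept: never reached

if __name__ == "__main__":
    for label, plist in (("correct", CORRECT), ("wrong", WRONG)):
        print(label, first_match(plist, "192.0.2.10", 3), "shadowed:", shadowed(plist))
```

Running shadowed() over an exported policy list is a quick audit for deny policies that were added below the accept policy they were meant to override.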
Example policy to deny access:
Controlling connections to the Internet
By default, the DFL-500 accepts all connections from the internal network to the Internet. If you do not want to
enforce restrictions on access to the Internet, you do not have to change anything.
If you want to control connections to the Internet, you have three choices:
• Add exceptions to the default policy that deny connections
• Add exceptions to the default policy that require authentication
• Delete the default policy and then add policies that accept connections
In NAT mode, policies for connections from the internal network to the Internet are added to the Internal to
External (Int to Ext) policies list. In Transparent mode, these policies are added to the Outgoing policies list.
This section describes:
• Denying connections to the Internet from the internal network
• Accepting connections to the Internet from the internal network
• Requiring authentication to connect to the Internet
Denying connections to the Internet from the internal network
Create policies that deny connections to the Internet from the internal network to restrict the full access to the
Internet granted by the default policy.
You can use policies to deny connections:
• From addresses on your internal network (see Adding addresses)