Manualshelf

User manual

ManualsBrandsD-Link ManualsNetworkingDFL-160
21222324252627282930
NAT Mode
This mode enables Dynamic Network Address Translation (NAT) use between the LAN and
WAN interfaces. This means that the individual IP addresses of hosts on the LAN interface will
be hidden from the public internet. All traffic coming from the public Internet to LAN hosts will
be directed to the public IP address of the WAN interface and NetDefendOS will perform the
necessary IP address translation.
Enabling NAT is a recommended way to shield the users and hosts on the LAN network from
outside attack. It also means that a DFL-160 requires just a single public IP address to be
allocated by the ISP.
Router Mode
This is the mode used if NAT is not used. It means that each the individual hosts and users on
the LAN network need their own public IP addresses if they are to communicate with the public
Internet.
Although not recommended when WAN is connected to the public internet, there may be
situations where NAT cannot be applied and the individual LAN network addresses need to be
exposed through the WAN interface.
In some scenarios, the WAN interface may be connected to another internal network and in this
case NAT usage may also not be appropriate because there is no need to shield LAN addresses
and there are lots of internal IP addresses that can be used.
Transparent Mode
This mode is used if the DFL-160 is to be placed between the LAN and WAN interface in a
transparent way. This means that no IP addresses need to be changed in either network, but the
traffic flowing between the interfaces is still subject to the rules and controls imposed by
NetDefendOS.
In transparent mode, NetDefendOS works out from the traffic itself which networks can be
found on the interfaces and creates the necessary entries in its routing table.
Note
In transparent mode, the LAN interface takes on the same IP address as the WAN
interface.
If both the LAN and DMZ interfaces have transparent mode enabled, traffic will flow
transparently between all 3 of the DFL-160 interfaces.
C. DHCP Server Settings
With this option enabled, a range of IP addresses can be allocated which can then be allocated out to
hosts on the network that need them. The presentation of the DHCP server options in the web
interface is shown below.
In most scenarios, the LAN network will be an "internal" network that does not require public IP
addresses. However, if a range of public IP addresses are allocated by the ISP these could also be
allocated using this feature.
NetDefendOS also allows a DHCP Reservations list to be created. These bind a certain IP address
3.3. LAN Settings Chapter 3. The System Menu
28