DFL-800 IP Mapping - D-Link

Download Report

Transcript DFL-800 IP Mapping - D-Link 

D-Link Security
Scenario & Hands-on 4-1
Port mapping for server
Network topology
WAN1
IP: 192.168.174.70/24
FTP Server
IP:192.168.174.71/24
FTP Server
172.16.1.1
DMZ
Internal LAN3
IP: 192.168.3.0/24
Internal LAN1
IP: 192.168.1.0/24
1
Internal LAN2
IP: 192.168.2.0/24
D-Link Security
Scenario & Hands-on 4-1
Port mapping for server
Objectives
 Access the FTP server by public IP address
Configuration logics
 Create objects of public and private IP addresses for FTP server
 Create ARP object in ARP Table
 Cerate the IP rule (SAT and allow) for FTP server
2
D-Link Security
Scenario & Hands-on 4-1
1
2
3
4
5
Port mapping for server
Add the objects of both public and virtual IP addresses for FTP server
*Click “Address Book” under Objects
•Key in the correct IP addresses
3
D-Link Security
Scenario & Hands-on 4-1
1
2
3
4
5
Create the object in ARP Table
•Click “ARP Table” under “Interfaces”
•Apply objects with the FTP IP address
4
Port mapping for server
D-Link Security
Scenario & Hands-on 4-1
1
5
2
3
4
5
Port mapping for server
Create the IP rule to map FTP server (SAT)
•Click “IP Rule” under “Rules”
•Choose the correct Action,Service,Interface,SAT setting and Network for the
D-Link Security
Scenario & Hands-on 4-1
1
6
2
3
4
5
Port mapping for server
Create the IP rule to allow FTP server (allow FTP)
•Click “IP Rule” under “Rules”
•Choose the correct Action,Service,Interface and Network for the rule
D-Link Security
Scenario & Hands-on 4-1
1
2
3
4
5
Port mapping for server
After all configuration , Click “configuration” in main bar
• Click “Save and Active”
7
D-Link Security
Scenario & Hands-on 4-1
Port mapping for server
Succeed to get in FTP server
8
D-Link Security
Scenario & Hands-on 4-1
Exercise 4-1 - Port mapping for server
WAN1:DHCP
FTP Server: Group public IP address
FTP Server
Group private IP
Goal:
1.
9
Access to FTP server from
Internet
DMZ
FTP Server public IP
FTP Server private IP
Group1: 192.168.200.51/24
Group2: 192.168.200.52/24
.
.
Group9: 192.168.200.59/24
Group10: 192.168.200.60/24
Group1: 172.17.101.1/24
Group2: 172.17.102.1/24
.
.
Group9: 172.17.109.1/24
Group10: 172.17.110.1/24
D-Link Security
Scenario & Hands-on 4-2
SAT and server load balance
WAN1
IP: 192.168.174.70/24
FTP Server
IP:192.168.174.71/24
FTP Server-1
172.16.1.1
Network topology
FTP Server-1
172.16.1.2
DMZ
Internal LAN3
IP: 192.168.3.0/24
Internal LAN1
IP: 192.168.1.0/24
10
Internal LAN2
IP: 192.168.2.0/24
D-Link Security
Scenario & Hands-on 4-2
SAT and server load balance
Objectives
 Access two FTP servers by one public IP address
Configuration logics
 Create objects of public and private IP addresses for two FTP servers
 Create ARP object in ARP Table
 Cerate the IP rule (SAT_SLB and allow) for FTP server
11
D-Link Security
Scenario & Hands-on 4-2
1
2
3
4
5
6
Add the public IP address object for two FTP servers
•Click “Address Book” under “Objects”
•Key in the correct IP address
12
SAT and server load balance
D-Link Security
Scenario & Hands-on 4-2
1
2
3
4
5
6
SAT and server load balance
Add two virtual IP address objects for two FTP servers
•Click “Address Book” under “Objects”
•Key in the correct IP address
13
D-Link Security
Scenario & Hands-on 4-2
1
2
3
4
5
6
Apply the object of IP address to ARP Table
•Click “ARP Table” under “Interfaces”
•Apply objects for the FTP IP address
14
SAT and server load balance
D-Link Security
Scenario & Hands-on 4-2
1
15
2
3
4
5
6
SAT and server load balance
Create the IP rule of FTP server
•Click “IP Rule” in Rules
•Choose correct Action,Service,Interface,SLB_SAT and Network in the rule
D-Link Security
Scenario & Hands-on 4-2
1
16
2
3
4
5
6
SAT and server load balance
Create the IP rule to allow FTP server (allow FTP)
•Click “IP Rule” in Rules
•Choose correct Action,Service,Interface and Network in the rule
D-Link Security
Scenario & Hands-on 4-2
1
2
3
4
5
6
SAT and server load balance
After all configuration , Click “configuration” on main menu bar
• Click “Save and Activate”
17