D-Link DSR-Series User Manual 182
Section 8 - Security
Path: Security > Firewall > Firewall Rules > IPv4 Firewall Rules or IPv6 Firewall Rules
Inbound (WAN to LAN/DMZ) rules restrict access to traīc entering your network, selectively allowing only
speciīc outside users to access speciīc local resources. By default all access from the insecure WAN side are
blocked from accessing the secure LAN, except in response to requests from the LAN or DMZ. To allow outside
devices to access services on the secure LAN, you must create an inbound īrewall rule for each service.
If you want to allow incoming traīc, you must make the routerās WAN port IP address known to the public. This is
called āexposing your host.ā How you make your address known depends on how the WAN ports are conīgured;
for this router you may use the IP address if a static address is assigned to the WAN port, or if your WAN address
is dynamic a DDNS (Dynamic DNS) name can be used.
Outbound (LAN/DMZ to WAN) rules restrict access to traīc leaving your network, selectively allowing only
speciīc local users to access speciīc outside resources. The default outbound rule is to allow access from the
secure zone (LAN) to either the public DMZ or insecure WAN. On other hand, the default outbound rule is to
deny access from DMZ to insecure WAN. You can change this default behavior on the IPv4 or IPv6 Firewall
Rules page (Security> Firewall > Firewall Rules > IPv4 Firewall Rules or IPv6 Firewall Rules), under Default
Outbound Policy for IPv4 or IPv6 section. When the Default Outbound Policy is Allow Always, it permits any
outbound traīc to pass through the īrewall and reach the WAN. When the Default Outbound Policy is Block
Always, the router admin will conīgure the īrewall and application rules in order to permit outbound traīc
from LAN and DMZ addresses.
To create a new īrewall rule:
1. Click Security > Firewall > IPv4 Firewall Rules tab or IPv6 Firewall Rules tab.
Firewall
Firewall Rules
IPv4 & IPv6 Firewall Rules