Legacy Products
The resources associated with these products have ceased their development and are no longer supported.
D-Link Systems, Inc. recommends retiring these products and replacing them with products that receive firmware updates.
How do I configure port mapping using additional public IP addresses on the WAN port of my DFL Series Firewall?

This FAQ will demonstrate adding a second public IP address to the WAN Port and then mapping it to a computer that has the remote desktop service running.

Step 1: Open the web browser and type the IP address of the firewall into the address bar, and press Enter. Default IP address for the firewall is:

DFL-210/260/800/860/1600: 192.168.1.1
DFL-260E/860E/1660: 192.168.10.1

Step 2: Click on the plus sign next to Objects, select Address Book, and then select Interface Addresses.

Step 3: Click on Add and then select IP address from the dropdown menu and configure the IP address as followed:

  • Name: enter a name as desired (private_ip in this example)
  • IP Address: enter the IP address of computer that have remote desktop service running

Click on OK.



Step 4: Click on Add and select IP address from the dropdown menu, and configure the IP address as followed:

  • Name: enter a name as desired (public_ip in this example)
  • IP Address: enter the public IP address to be added

Click on OK.



Step 5: Click on the plus sign next to Interfaces, select ARP, click on Add to add an ARP entry and configure the ARP entry as followed:

  • Mode: Publish
  • Interface: wan
  • IP Address: click on the dropdown menu and select public folder created in step #4

Click on OK.



Step 6: Click on the plus sign next to Rules, select IP Rules, click on Add, and then select IP Rule Folder from the dropdown menu.



Step 7: Name the IP Rule Folder as desired and then click on OK.



Step 8: Click on Add and select IP Rule from the dropdown menu, and configure the IP rule as followed:

  • Name: enter a name as desired
  • Action: SAT
  • Service: rdp
  • Schedule: None
  • Source interface: any
  • Source network: all-nets
  • Destination interface: any
  • Destination network: public_ip (created in step 4)



Step 9: Click on the SAT tab and then click on the dropdown menu under New IP Address, selecting private_ip (Created in step 3).

  • Check the box labeled All-to-One Mapping: rewrite all destination IPs to a single IP

Click on OK.



Step 10: Click on Add and create another IP Rule as configure it as followed:

  • Name: enter a name as desired
  • Action: Allow
  • Service: rdp
  • Schedule: None
  • Source interface: any
  • Source network: all-nets
  • Destination interface: any
  • Destination network: public_ip (created in step 4)

Click on OK.



Step 11: Click on Configuration and then select Save and Activate from the dropdown menu. Click on OK to activate your changes.