152
– Traffic from the internal interface need to be NATed:
Rules
IP Rules
General:
Name: NAT-ftp
Action: NAT
Service: ftp-inbound
Address Filter:
Source
Interface: dmz
Network: dmz-net
NAT:
Check Use Interface Address
Then click OK.
– Allow incoming connections (SAT needs a second Allow rule):
Rules
IP Rules
General:
Name: Allow-ftp
Action: Allow
Service: ftp-inbound
Address Filter:
Source
Interface: any
Network: all-nets
Then click OK.
Chapter 18. Application Layer Gateway (ALG)
Add
IP Rule:
Destination
core
ip-ext
Add
IP Rule:
Destination
core
ip-ext
D-Link Firewalls User's Guide