•
Set the Start date and time for the schedule.
Set Start and Stop times to 00 for the schedule to cover the entire day.
•
Set the Stop date and time for the schedule.
One-time schedules use the 24-hour clock.
•
Select OK to add the one-time schedule.
Creating recurring schedules
You can create a recurring schedule that activates or deactivates policies at specified times of the day or on
specified days of the week. For example, if your DFL-500 NPG is protecting a home office, you may wish to
provide access to different services during working hours than you do on evenings and weekends.
If you create a recurring schedule with a stop time that occurs before the start time, the schedule will start at
the start time and finish at the stop time on the next day. You can use this technique to create recurring
schedules that run from one day to the next. You can also create a recurring schedule that runs for 24 hours
by setting the start and stop times to the same time.
•
Go to Firewall > Schedule > Recurring .
•
Select New to create a new schedule.
•
Enter a Name for the schedule.
The name can contain numbers (0-9), uppercase and lower case letters (A-Z, a-z), and the special
characters - and _. Other special characters and spaces are not allowed.
•
Select the days of the week on which the schedule should be active.
•
Set the Start and Stop hours in between which the schedule should be active.
Recurring schedules use the 24-hour clock.
•
Select OK.
Adding a schedule to a policy
After you have created schedules, you can add them to policies to schedule when the policies are active. You
can add the new schedules to policies when you create the policy, or you can edit existing policies and add a
new schedule to them.
Arrange the policy in the policy list to have the effect that you expect. For example, to use a one-time
schedule to deny access to a policy, add a policy that matches the policy to be denied in every way. Choose
the one-time schedule that you added and set Action to DENY. Then place the policy containing the one-time
schedule in the policy list above the policy to be denied.
Virtual IPs
NAT mode security policies hide the addresses of more secure networks from less secure networks. To allow
connections from a less secure network to an address in a more secure network, you must create an external
address in the less secure network and map that address to a real address in the more secure network. This
association is called a virtual IP.
For example, if the computer hosting your web server is located on your internal network, it could have a
private IP address such as 192.168.1.10. To get packets from the Internet to your web server, you must
DFL-500 User Manual
35