D-Link DFL-210

Stroke your rabbit foot for good luck before starting to install the DFL-210.

The smallest unit of the D-Link NetDefend family, the DFL-210 is a dark gray metal box about 6 x 8 in., second largest of the group tested but still relatively small. All the connections are in the back with lights for power and status, Ethernet, WAN and DMZ ports on the front. Air vents on both ends and the top mean you need to place the unit in the open for air flow.

Included are two Ethernet patch cables, the power supply and a documentation CD. Unfortunately, the Quick Installation Guide is only on CD, with no paper version. Worse, the guide has errors. Also included are a Firewall Registration Manual (that's on paper) and a serial console cable for a command line interface.

The last two items give a strong clue to the strength of the DFL-210 -- it's much more a complex firewall that supports dual-WAN connections than a small business router with a firewall. D-Link's marketing says this is a Small Office/Home Office (SOHO) product, but nothing could be further from the truth. The most difficult of all units tested to install and configure, this unit will frustrate most small businesses that try to install it themselves. That said, once up and running, the unit was rock solid and did a better job wringing slightly better speed from the dual-WAN connection than all the other units.


The DFL-210 has four Fast Ethernet (100Mbps) network connections, one dedicated WAN port, and a DMZ port that does double duty as the second WAN port. Maximum firewall throughput is 80Mbps, which is better than most of the other units. VPN throughput is up to 25Mbps spread across a maximum of 100 tunnels. A highly configurable firewall leads the security package that includes intrusion detection and intrusion prevention. Tools for traffic management and QoS are included as well as SNMP support.

User authentication through RADIUS and LDAP help the DFL-210 integrate into a large network, another indication this isn't really a SOHO device, but can work fine in a branch office setting. Remote management controls are set by some of the many firewall policies, which include NAT, Port Address Translation (PAT), and Static Address Translation (SAT).

Gather your lucky charms and stroke your rabbit foot for good luck before starting to install the DFL-210. Make your own luck by turning off the popup blocker in your browser on the computer you use to install the unit. Why? The setup screen appears once, only once, as a popup, and if you don't catch it, you have to use a different computer or reset the unit to factory settings and try again. The Setup screen is supposed to be visible on the main status line in the administration software, but it only appears one time on each computer used to run the admin, never to be seen again on the status line or anywhere else unless the unit is reset to factory settings and the process started over.

Since DHCP is disabled (the only unit tested so configured), you must prepare a PC in the 192.168.1.x address range to start the setup process. The first screen rightfully demands you change the admin user's password away from the default, but doesn't enforce or even suggest creating a strong password. Time and timezone settings come next, but an option to add external timeservers doesn't appear until later.

Next, you choose your broadband connection for your WAN interface. Standard options for static, DHCP, PPPoE, and the PPTP follow as with all other units. As a nod toward D-Link's international sales, an option for Big Pond finishes up the list.

Finally you get a chance to turn on the DHCP server to parcel out client addresses, and put your address range for clients. Next you have to add the default gateway (unnecessary in other units) and type in your DNS server IP addresses.

1 2 Page 1
Page 1 of 2
Shop Tech Products at Amazon