Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews


Intrusion Detection and Protection is an aspect of the DFL-CPG310 Firewall that increases the Security of your network. In addition to its CheckPoint-developed Stateful Packet Inspection Firewall, the DFL-CPG-310 offers greater levels of security intelligence through its SmartDefend Intrusion Detection and Protection. As you can see in Figure 6, SmartDefend allows for detection of a wide array of specific network attacks, such as Denial of Service, Ping of Death, Worms, and numerous other threats. As I'll discuss in the pricing section, keeping the DFL's security software up to date is a subscription-based service.

Click to enlarge image

Figure 6: SmartDefend IDS/IPS options

The Firewall in the DFL-CPG310 has pre-built options to simplify port forwarding to Web, FTP, Telnet, Email, PPTP/VPN, Microsoft NBT (NetBIOS over TCP/IP), and VoIP (H.323) servers. Standard features, such as the ability to define a DMZ Host, are also available.

It is interesting that D-Link chose to have a pre-built configuration for H.323 VOIP signaling, when SIP VOIP signaling is more common. Nevertheless, building a rule to forward SIP signaling (port 5060) or other TCP/UDP ports can easily be done with the Firewall Rule Wizard.

When you build a Firewall rule, the DFL-CPG310 provides QoS options to allocate bandwidth for specific traffic, a nice feature, especially for VOIP. As you can see in Figure 7, the bandwidth options for port forwarding are Default, Urgent, Important, and Low Priority.

QoS options
Click to enlarge image

Figure 7: Firewall rule QoS bandwidth options

Understanding these options involves the DFL-CPG310's Traffic Shaper, which requires configuring the speed of your WAN connection. Using a network speed test on, my WAN speed came in at 1829Kbps Up and 5367Kbps Down. I used these numbers on the WAN Interface configuration page (see Figure 8) to set an Upstream rate of 1750Kbps and Downstream rate of 5000Kbps, per the manual's recommendation to use settings below actual.

Traffic shaper
Click to enlarge image

Figure 8: Setting the connection speed for traffic shaping

The DFL's QoS settings use relative weight bandwidth allocation based on the Traffic Shaper configuration. Those settings and their weight are Default=10, Urgent=15, Important=20, and Low Priority=5. Thus, traffic assigned a priority of Important (20) will be allocated twice as much bandwidth as Default (10). If you upgrade to the PowerPack, you can configure the QoS settings to utilize more flexible QoS parameters, such as DSCP classifications or your own custom configuration. I'll touch on the PowerPack option under the Pricing section.

Additional subscription-based security features of the DFL-CPG310 include Antivirus and Web Filtering. The Antivirus feature allows for scanning and blocking of email at the gateway level, monitoring SMTP, POP3, and IMAP packets. The Web Filtering feature enables control of web surfing, providing over 30 different categories of web sites to screen, as you can see in Figure 9.

Web filter
Click to enlarge image

Figure 9: Web Filtering configuration

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

I currently have an ASUS RT-AC86U running Merlin, along with a Netgear X4s R7800 as my backup. I'm really bored with Netgear stock firmware and Voxel ...
I have been having some Wi-Fi connection issues lately and am looking for a good "recommended settings" guide, but they are all several years old. Man...
periodically when my router reboots on scheduled reboots, a VPN server may fail to start, might be vpn 1 or vpn2 I am trying to figure out what could ...
I have an ac868u which is connected to the internet via a pppoe modem. For some reason new clients are being assigned the name of the modem by the asu...
About every 2-3 months, my RT-AC68P seems to lock upI cannot login to the web GUI (on the private LAN) and all internet traffic ceases to function (in...

Don't Miss These

  • 1
  • 2
  • 3