Firewall (Chapter 6)

Firewall and NAT Rule Configuration Examples
Source Address        ANY
Destination Address   InternalFTP
Match Action          Permit

NOTE When you create the port forwarding rule, you can check Create Firewall Rule to automatically generate the firewall rule.

Allowing Inbound Traffic Using a Public IP Address

Use Case: You host an RDP server on the DMZ. Your ISP has provided a static IP address that you want to expose to the public as your RDP server address. You want to allow Internet users to access the RDP server by using the specified public IP address.

Solution 1: Perform the following tasks to complete the configuration:

STEP 1 Go to the Networking > Address Management page to create a host address object with the IP 192.168.12.101 called “RDPServer” and a host address object with the IP 172.39.202.102 called “PublicIP.”

STEP 2 Go to the Networking > Service Management page to create a TCP service object with the port 3389 called “RDP.”

STEP 3 Go to the Firewall > NAT > Port Forwarding page to create a port forwarding rule as follows.

Original Service         RDP
Translated Service       RDP
Translated IP            RDPServer
WAN                      WAN1
WAN IP                   PublicIP
Enable Port Forwarding   On
Create Firewall Rule     On
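The effect of STEP 1 to STEP 3, traced as an added example (not taken from the Cisco guide and not appliance code): a small Python model of how an inbound packet is matched by the port forwarding rule and then by the firewall rule. The shape of the auto-generated firewall rule, the translate-then-filter order, and the sample source addresses are assumptions.

```python
# Added illustration only: models the objects and rule from Solution 1.
from ipaddress import ip_address, ip_network

# Address and service objects from STEP 1 and STEP 2.
ADDRESSES = {"RDPServer": "192.168.12.101", "PublicIP": "172.39.202.102"}
SERVICES = {"RDP": ("tcp", 3389)}

# Port forwarding rule from STEP 3.
PORT_FORWARD = {"wan": "WAN1", "wan_ip": "PublicIP", "original_service": "RDP",
                "translated_service": "RDP", "translated_ip": "RDPServer", "enabled": True}

# Assumption: "Create Firewall Rule" yields a rule shaped like the table on this
# page (source ANY, destination = the internal host object, action Permit).
FIREWALL_RULES = [{"source": "0.0.0.0/0", "destination": "RDPServer",
                   "service": "RDP", "action": "permit"}]


def translate(iface, dst_ip, proto, dst_port, rule=PORT_FORWARD):
    """Apply the port forwarding rule; return (ip, port) after translation, or None."""
    o_proto, o_port = SERVICES[rule["original_service"]]
    if (rule["enabled"] and iface == rule["wan"] and dst_ip == ADDRESSES[rule["wan_ip"]]
            and (proto, dst_port) == (o_proto, o_port)):
        return ADDRESSES[rule["translated_ip"]], SERVICES[rule["translated_service"]][1]
    return None


def evaluate(iface, src_ip, dst_ip, proto, dst_port, rules=FIREWALL_RULES):
    """Return (verdict, forwarded_to) for one inbound packet; the default is deny."""
    target = translate(iface, dst_ip, proto, dst_port)
    if target is None:
        return "deny", None  # no forwarding rule matched
    for r in rules:
        r_proto, r_port = SERVICES[r["service"]]
        if (ip_address(src_ip) in ip_network(r["source"]) and proto == r_proto
                and target == (ADDRESSES[r["destination"]], r_port)):
            return r["action"], target
    return "deny", None  # translated, but no firewall rule permits it


if __name__ == "__main__":
    # Constructed sample packets; 203.0.113.7 is a documentation-range address.
    for pkt in [("WAN1", "203.0.113.7", "172.39.202.102", "tcp", 3389),
                ("WAN1", "203.0.113.7", "172.39.202.102", "tcp", 22),
                ("WAN1", "203.0.113.7", "172.39.202.103", "tcp", 3389)]:
        print(pkt, "->", evaluate(*pkt))
```

Passing a `rules` list whose `source` is a narrower network than `0.0.0.0/0` shows how replacing ANY with a specific source address object limits who can reach the forwarded RDP port.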

 

 

Cisco ISA500 Series Integrated Security Appliances Administration Guide
