8-19
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter8 Create Firewall
How Do I...
How Do I Modify an Existing Firewall to Permit Traffic from a New Network or Host?
You can use the Edit Firewall Policy tab to modify your firewall configuration to
permit traffic from a new network or host.
Step1 From the left frame, select Firewall and ACL.
Step2 Click the Edit Firewall Policy tab.
Step3 In the traffic selection panel select a From interface and a To interface to specify
the traffic flow to which the firewall has been applied, and click Go. A firewall
icon will appear in the router graphic if a firewall has been applied to the traffic
flow. If the traffic flow you select does not display the access rule you need to
modify, select a different From interface or a different To interface.
Step4 Examine the access rule in the Service area. Use the Add button to disp.lay a
dialog for a new access rule entry.
Step5 Enter a permit statement for the network or host you want to a llow access to the
network. Click OK in the rule entry dialog.
Step6 The new entry appears in the service area..
Step7 Use the Cut and Paste buttons to reorder the entry to a different position in the
list if you need to do so.
How Do I Configure NAT on an Unsupported Interface?
Cisco SDM can configure Network Address Translation (NAT) on an interface
type unsupported by Cisco SDM. Before you can configure the firewall, you must
first use the router CLI to configure the interface. The interface must have, at a
minimum, an IP address configured, and it must be working. To verify that the
connection is working, verify that the interface status is “Up.”
After you have configured the unsupported interface using the CLI, yo u can
configure NAT . The unsupported interface will appear as “Other” on the router
interface list.