Firewall
Configuring Firewall Rules to Control Inbound and Outbound Traffic
Cisco ISA500 Series Integrated Security Appliances Administration Guide 256
6
To create a firewall rule that applies to a specific service or service group,
first create the service or service group. See Service Management,
page 177.
To create a firewall rule that applies only to a specific address or address
group, first create the address or address group. See Address
Management, page 175.
To create a firewall rule that applies only at a specific day and time, first
create the schedule. See Configuring Schedules, page 449.
General Firewall Settings
STEP 1 Click Firewall > Access Control > ACL Rules.
The ACL Rules window opens. The firewall rules appear in the Access Control List
(ACL) table. The table includes all firewall rules for controlling traffic from a
particular zone to a particular destination.
STEP 2 The firewall rules are sorted by priority. You can reorder the custom firewall
rules to change their priority. You can move a rule up, move a rule down, or move it to a
specified location in the list.
To move the rule up one position, click the Move up icon.
To move the rule down one position, click the Move down icon.
To move the rule to a specific location, click the Move icon and enter the
target index number to move the selected rule to.
For example: A target index of 2 moves the rule to position 2 and moves the
other rules down to position 3 in the list.
NOTE: You cannot reorder the default firewall rules and VPN firewall rules.
The custom firewall rules cannot be moved lower than the default firewall
rules and VPN firewall rules.
STEP 3 To view the list of firewall rules that belong to the same group, choose the source
and destination from the From Zone and To Zone drop-down lists and click Apply.
Only the rules for the specified zones appear.
For example: If you choose WAN from the From Zone drop-down list and choose
LAN from the To Zone drop-down list, only the firewall rules from WAN to LAN
appear.
STEP 4 You can perform other tasks for firewall rules: