Firewall
Configuring NAT Rules to Securely Access a Remote Network
Cisco ISA500 Series Integrated Security Appliances Administration Guide 261
6
Email Alert, Remote Logs, and Local Log settings if you want to send firewall logs
to a specified email address, save firewall logs to your local syslog daemon, and
save firewall logs to a specified remote syslog server. See Configuring Log
Settings, page 444.
STEP 3 Go to the Device Management > Logs > Log Facilities page to enable Email
Alert, Local Log, and/or Remote Log for the firewall facility.
• To send firewall logs to a specified email address, check the box of Email
Alert for the Firewall facilit y.
• To save firewall logs to the local syslog daemon, check the box of Local Log
for the Firewall facility.
• To save firewall logs to the remote syslog server, check the box of Remote
Log for th e Firewall facilit y.
STEP 4 After you configure the firewall logging settings, go to the Device Management >
Logs > View Logs page to view firewall logs. Choose Firewall from the Log
Facility drop-down list to view firewall logs. You can filter firewall logs by the
severity level or by the source and destination IP addresses. See Viewi ng Logs ,
page 442.
Configuring NAT Rules to Securely Access a Remote NetworkNetwork Address Translation (NAT) enables private IP networks to connect to the
Internet. NAT replaces a private IP address with a public IP address, translating the
private addresses in the internal private network into legal, routable addresses
that can be used on the public Internet. In this way, NAT conserves public
addresses because it can be configured to advertise only one public address for
the entire network to the outside world.
NAT can also provide the following benefits:
•Security: Keeping internal IP addresses hidden discourages direct attacks.
•IP routing solutions: Overlapping IP addresses are not a problem when
you use NAT.
•Flexibility: You can change internal IP addressing schemes without
affecting the public addresses available externally; for example, for a server
accessible to the Internet, you can maintain a fixed IP address for Internet
use, but internally, you can change the server address.