Firewall
Configuring NAT Rules to Securely Access a Remote Network
Cisco ISA500 Series Integrated Security Appliances Administration Guide 265
6
Configuring Static NAT Rules
Static NAT creates a fixed translation of a real address to a mapped address.
Because the mapped address is the same for each consecutive connection, static
NAT allows bidirectional connection initiation, both to and from the host (if a
firewall rule allows it). With dynamic PAT, on the other hand, each host uses a
different address or port for each subsequent translation, so bidirectional initiation
is not supported.
Up to 64 static NAT rules can be configured on the security appliance. You must
create firewall rules to allow access so that the static NAT rules can function
properly.
NOTE Remote management will not work if you configure a static NAT rule that maps an
internal server to the WAN IPaddress. For example, if you create a static NAT rule
that maps 192.168.75.100 to the WAN IPaddress, 173.39.202.68, then remote users
will not have access to the configuration utility via http://173.39.202.68:8080.
STEP 1 Click Firewall > NAT > Static NAT.
STEP 2 To add a static NAT rule, click Add.
Other options: To edit an entry, click the Edit (pencil) icon. To delete an entry, click
the Delete (x) icon. To delete multiple entries, check them and click Delete.
The Static NAT Rule - Add/Edit window opens.
STEP 3 Enter the following information:
WAN: Choo se either WAN1 or WAN2 as the WAN port.
Public IP: Choose an IP address object as the public IP address.
Private IP: Choose an IP address object as the private IP address.
If the IP address that you want is not in the list, choose Create a new
address to create a new IP address object. To maintain the IP address
objects, go to the Networking > Address Management page. See Address
Management, page175.
NOTE: Firewall rules must be configured to allow access. You can go to the
Firewall > Acces s Control > ACL Rules page or click the Create Rule link
to do this, but save your settings on this page first.
STEP 4 Click OK to save your settings.