Firewall
Configuring NAT Rules to Securely Access a Remote Network
Cisco ISA500 Series Integrated Security Appliances Administration Guide 267
6
NOTE: One-to-one translation will be performed for port range forwarding.
For example, if you want to translate an original TCP service with the port
range of 50000 to 50002 to a TCP service with the port range of 60000 to
60002, then the port 50000 will be translated to the port 60000, the port
50001 will be translated to the port 60001, and the port 50002 will be
translated to the port 60002.
•Translat ed IP: Choose the IP address of your local ser ver that needs to be
translated. If the IP address that you want is not in the list, choose Create a
new address to create a new IP address object. To maintain the IP address
objects, go to the Networking > Address Management page. See Address
Management, page175.
•WAN: Choo se either WAN1 or WAN2, or both as the incoming WAN port.
•WAN IP: Specify the public IP address of the server. You can use the IP
addres s of the s electe d WAN port or a publ ic IP add ress tha t is prov ided by
your ISP. When you choose Both as the incoming WAN port, this option is
grayed out.
•Enable Port Forwarding: Click On to enable the port forwarding rule, or click
Off to create only the port forwarding rule.
•Create Firewall Rule: Check this box to automatically create a firewall rule
to allow access so that the port forwarding rule can function properly. You
must manually create a firewall rule if you uncheck this box.
NOTE: If you choose Both as the incoming WAN port, a firewall rule from Any
zone to Any zone will be created accordingly.
•Description: Enter the name for the port forwarding rule.
STEP 5 Click OK to save your settings.
STEP 6 Click Save to apply your settings.