Firewall
Firewall and NAT Rule Configuration Examples
Cisco ISA500 Series Integrated Security Appliances Administration Guide
NOTE When you create the port forwarding rule, you can check Create Firewall
Rule to automatically generate the firewall rule.
Allowing Inbound Traffic Using a Public IP Address
Use Case: You host an RDP server on the DMZ. Your ISP has provided a static IP
address that you want to expose to the public as your RDP server address. You
want to allow Internet users to access the RDP server by using the specified public
IP address.
Solution 1: Perform the following tasks to complete the configuration:
STEP 1 Go to the Networking > Address Management page to create a host address
object with the IP 192.168.12.101 called “RDPServer” and a host address object
with the IP 172.39.202.102 called “PublicIP.”
STEP 2 Go to the Networking > Service Management page to create a TCP service object
with the port 3389 called “RDP.”
STEP 3 Go to the Firewall > NAT > Port Forwarding page to create a port forwarding rule
as follows.
Source Address            ANY
Destination Address       InternalFTP
Match Action              Permit
Original Service          RDP
Translated Service        RDP
Translated IP             RDPServer
WAN                       WAN1
WAN IP                    PublicIP
Enable Port Forwarding    On
Create Firewall Rule      On
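
A simplified model of how the Step 3 port forwarding rule rewrites traffic, added here as an illustration and not taken from the guide or from Cisco code. The PortForwardRule and Packet classes, the translate function, the WAN2 interface name and the sample packets are hypothetical; the model covers only the Original Service, Translated Service, Translated IP, WAN, WAN IP and Enable Port Forwarding fields.

```python
from dataclasses import dataclass, replace
from typing import Optional

# Objects from Steps 1 and 2 (names and values as given on the page).
ADDRESS_OBJECTS = {"RDPServer": "192.168.12.101", "PublicIP": "172.39.202.102"}
SERVICE_OBJECTS = {"RDP": ("tcp", 3389)}

@dataclass(frozen=True)
class PortForwardRule:          # hypothetical model, not an ISA500 API
    original_service: str
    translated_service: str
    translated_ip: str
    wan: str
    wan_ip: str
    enabled: bool = True

@dataclass(frozen=True)
class Packet:                   # hypothetical, minimal packet header
    in_iface: str
    proto: str
    src: str                    # not examined by this model
    dst: str
    dport: int

def translate(rule: PortForwardRule, pkt: Packet) -> Optional[Packet]:
    """Return the packet after destination NAT, or None if the rule does not match."""
    proto, port = SERVICE_OBJECTS[rule.original_service]
    if not rule.enabled or pkt.in_iface != rule.wan:
        return None
    if pkt.dst != ADDRESS_OBJECTS[rule.wan_ip]:
        return None             # only the dedicated public IP is forwarded
    if (pkt.proto, pkt.dport) != (proto, port):
        return None             # only the original service is forwarded
    _, new_port = SERVICE_OBJECTS[rule.translated_service]
    return replace(pkt, dst=ADDRESS_OBJECTS[rule.translated_ip], dport=new_port)

# Step 3 rule, using the table values.
RULE = PortForwardRule("RDP", "RDP", "RDPServer", "WAN1", "PublicIP", enabled=True)

# Constructed sample packets (source addresses are documentation ranges).
SAMPLES = [
    Packet("WAN1", "tcp", "203.0.113.7", "172.39.202.102", 3389),   # forwarded
    Packet("WAN1", "tcp", "203.0.113.7", "172.39.202.102", 22),     # wrong service
    Packet("WAN1", "tcp", "198.51.100.9", "172.39.202.103", 3389),  # wrong public IP
    Packet("WAN2", "tcp", "203.0.113.7", "172.39.202.102", 3389),   # wrong WAN port
]

if __name__ == "__main__":
    for p in SAMPLES:
        out = translate(RULE, p)
        print(p.dst, p.dport, "->", f"{out.dst}:{out.dport}" if out else "not forwarded")
```

Only the first sample is rewritten to RDPServer on TCP 3389; the other three fall outside the rule and are left for whatever other NAT and firewall rules exist.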