Cisco Systems ISA550

Configuration Wizards

Using the Setup Wizard for the Initial Configuration

Cisco ISA500 Series Integrated Security Appliances Administration Guide 46

STEP 34 In the DMZ Service - Add/Edit window, enter the following information:

•Original Service: Choose a service as the incoming ser vice.

•Translat ed Serv ice: Choose a service as the translated servic e or choose

Original if the translated service is same as the incoming service. If the

service that you want is not in the list, choose Create a new service to

create a new service object. To maintain the service objects, go to the

Networking > Service Management page. See Service Management ,

page177.

NOTE: One-to-one translation will be performed for port range forwarding.

For example, if you want to translate an original TCP service with the port

range of 50000 to 50002 to a TCP service with the port range of 60000 to

60002, then the port 50000 will be translated to the port 60000, the port

50001 will be translated to the port 60001, and the port 50002 will be

translated to the port 60002.

•Translat ed IP: Choose the IP address of your local ser ver that needs to be

translated. If the IP address that you want is not in the list, choose Create a

new address to create a new IP address object. To maintain the IP address

objects, go to the Networking > Address Management page. See Address

Management, page175.

•WAN: Choo se either WAN1 or WAN2, or both as the incoming WAN port.

•WAN IP: Specify the public IP address for the server. You can use the IP

addres s of the s electe d WAN port or a publ ic IP add ress tha t is prov ided by

your ISP. When you choose Both as the incoming WAN port, this option is

grayed out.

•Enable DMZ Service: Click On to enable the DMZ service, or click Off to

create only the DMZ service.

•Create Firewall Rule: Check this box to automatically create a firewall rule

to allow access for this DMZ service. You must manually create a firewall rule

if you uncheck this box.

NOTE: If you choose Both as the incoming WAN port, a firewall rule from Any

zone to Any zone will be created accordingly.

•Description: Enter the name for the DMZ service.