Configuration Wizards
Using the DMZ Wizard to Configure DMZ Settings
Cisco ISA500 Series Integrated Security Appliances Administration Guide 75
2
•WAN IP: Specify the public IP address for the server. You can use the IP
addres s of the s electe d WAN port or a publ ic IP add ress tha t is prov ided by
your ISP. When you choose Both as the incoming WAN port, this option is
grayed out.
•Enable DMZ Service: Click On to enable the DMZ service, or click Off to
create only the DMZ service.
•Create Firewall Rule: Check this box to automatically create a firewall rule
to allow access for this DMZ service. You must manually create a firewall rule
if you uncheck this box.
NOTE: If you choose Both as the incoming WAN port, a firewall rule from Any
zone to Any zone will be created accordingly.
•Description: Enter the name for the DMZ service.
For example, you host an RDP server (192.168.12.101) on the DMZ. Your ISP
has provided a static IP address (172.39.202.102) that you want to expose to
the public as your RDP server address. You can create a DMZ service as
follows to allow Internet user to access the RDP server by using the
specified public IP address.
NOTE: In the above example, you must manually create two address objects (RDPServer
and PublicIP) and a TCP service object with the port 3389 called “RDP.”
STEP 18 Click OK to save your settings.
STEP 19 After you are finished, click Next.
Original Service RDP
Translat ed Serv ice RDP
Translat ed IP RDPServer
WAN WAN1
WAN IP PublicIP
Enable DMZ Service On
Create Firewall Rule On