Cisco Systems ISA550 Manual De Usuario
Firewall
Configuring NAT Rules to Securely Access a Remote Network
Cisco ISA500 Series Integrated Security Appliances Administration Guide
266
6
STEP 5
Click Save to apply your settings.
Configuring Port Forwarding Rules
Port forwarding forwards a TCP/IP packet traversing a Network Address
Translation (NAT) gateway to a pre-determined network port on a host within a
NAT-masqueraded network, typically a private network based on the port number
on which it was received at the gateway from the originating host.
Translation (NAT) gateway to a pre-determined network port on a host within a
NAT-masqueraded network, typically a private network based on the port number
on which it was received at the gateway from the originating host.
Use the Port Forwarding page to assign a port number to a service that is
associated with the application that you want to run, such as web servers, FTP
servers, email servers, or other specialized Internet applications.
associated with the application that you want to run, such as web servers, FTP
servers, email servers, or other specialized Internet applications.
NOTE
•
Up to 64 port forwarding rules can be configured on the security appliance.
You must create firewall rules to allow access so that the port forwarding
rules can function properly.
You must create firewall rules to allow access so that the port forwarding
rules can function properly.
•
To open an internal FTP server to the Internet, make sure that the FTP server
is listening on TCP port 21 or both the FTP server and client must use the
active mode when the FTP server is listening on some other TCP port.
Otherwise the FTP client cannot access the FTP server.
is listening on TCP port 21 or both the FTP server and client must use the
active mode when the FTP server is listening on some other TCP port.
Otherwise the FTP client cannot access the FTP server.
STEP 1
Click Firewall > NAT > Port Forwarding.
STEP 2
To enable a port forwarding rule, check the box in the Enable column.
STEP 3
To add a port forwarding rule, click Add.
Other options: To edit an entry, click the Edit (pencil) icon. To delete an entry, click
the Delete (x) icon. To delete multiple entries, check them and click Delete.
the Delete (x) icon. To delete multiple entries, check them and click Delete.
The Port Forwarding Rule - Add/Edit window opens.
STEP 4
Enter the following information:
•
Original Service: Choose an existing service as the incoming service.
•
Translated Service: Choose a service as the translated service or choose
Original if the translated service is same as the incoming service. If the
service that you want is not in the list, choose Create a new service to
create a new service object. To maintain the service objects, go to the
Networking > Service Management page. See
Original if the translated service is same as the incoming service. If the
service that you want is not in the list, choose Create a new service to
create a new service object. To maintain the service objects, go to the
Networking > Service Management page. See