Cisco Systems ISA550 Manual De Usuario

Firewall

Firewall and NAT Rule Configuration Examples

Cisco ISA500 Series Integrated Security Appliances Administration Guide

274

Firewall and NAT Rule Configuration Examples

This section provides some configuration examples on adding firewall and NAT
rules.

•

Allowing Inbound Traffic Using the WAN IP Address, page 274

•

Allowing Inbound Traffic Using a Public IP Address, page 276

•

Allowing Inbound Traffic from Specified Range of Outside Hosts,
page 279

•

Blocking Outbound Traffic by Schedule and IP Address Range,
page 280

•

Blocking Outbound Traffic to an Offsite Mail Server, page 280

Allowing Inbound Traffic Using the WAN IP Address

Use Case: You host a FTP server on your LAN. You want to open the FTP server to
Internet by using the IP address of the WAN1 port. Inbound traffic is addressed to
your WAN1 IP address but is directed to the FTP server.

Solution: Perform the following tasks to complete the configuration:

STEP 1

Go to the Networking > Address Management page to create a host address
object with the IP 192.168.75.100 called “InternalFTP.”

STEP 2

Go to the Firewall > NAT > Port Forwarding page to create a port forwarding rule
as follows.

Translated Source
Address

WAN1_IP

Translated
Destination Address

FTPServer

Translated Services

FTP-CONTROL