Table of Contents
Advertisement
Firewall
Configuring the NAT Rules to Securely Access a Remote Network
NOTE
STEP 1
STEP 2
STEP 3
STEP 4
Cisco ISA500 Series Integrated Security Appliance Administrator Guide
•
Priorities of NAT Rules, page 200
Configuring Dynamic PAT Rules
Dynamic PAT can only be used to establish connections from private network to
public network. Dynamic PAT translates multiple private addresses to one or more
public IP address.
For the duration of the translation, a remote host can initiate a connection to the
translated host if a firewall access rule allows it. Because the port address (both
real and mapped) is unpredictable, a connection to the host is unlikely.
Nevertheless, in this case you can rely on the security of the firewall access rules.
Click Firewall -> NAT -> Dynamic PAT.
The Dynamic PAT window opens.
Specify the PAT IP address for each WAN interface.
•
Auto: Use the IP address of the WAN port as the translated IP address.
•
Manual: Choose a single public IP address or a network address as the
translated IP address. If the address object you want is not in the list, choose
Create an IP Address to create a new address object. To maintain the
address objects, go to the Networking -> Address Object Management
page. See
Address Management, page
Translate multiple private IP addresses of a VLAN to one or more mapped IP
addresses.
•
Enable WAN1: Check this box to translate all IP addresses of the selected
VLAN into the public IP address specified on the WAN1 port.
•
Enable WAN2: Check this box to translate all IP addresses of the selected
VLAN into the public IP address specified on the WAN2 port.
•
VLAN IP: The subnet IP address and netmask of the selected VLAN.
Click Save to apply your settings.
152.
6
193
Hide quick links:
Advertisement
Table of Contents
