Firewall Configuration
Configuring Firewall Rules to Control Inbound and Outbound Traffic
NOTE
STEP 1
Cisco SA 500 Series Security Appliances Administration Guide
•
Port triggers
This section includes these topics:
•
Preliminary Tasks for Firewall Rules, page 122
•
Configuring the Default Outbound Policy, page 125
•
Configuring a Firewall Rule for Outbound Traffic, page 126
•
Configuring a Firewall Rule for Inbound Traffic, page 129
For detailed examples, see
Preliminary Tasks for Firewall Rules
Depending on the firewall settings that you want to apply, you might need to
complete these tasks before you can configure your firewall rule:
•
If you want to create rules that apply to custom services, first create the
records for the services. See
•
If you want to create rules that apply only on specified days and times, first
create the schedules. See
page
123.
•
If you want to use additional public IP addresses (typically assigned by your
ISP) for firewall rules other than the IP address configured on the WAN
interface. See
Creating Custom Services
The security appliance is configured with a long list of standard services that you
can use to configure firewall rules and port forwarding rules. (See
"Standard
Services.") If you need to configure a firewall rule for a service that is
not on the standard list, first you must identify the service by entering a name,
specifying the type, and assigning the port range.
Click Firewall on the menu bar, and then click Firewall > Services in the navigation
tree.
Firewall Rule Configuration Examples, page
Creating Custom Services, page
Creating Schedules for a Firewall Rules,
Configuring IP Aliases for WAN interfaces, page
5
133.
122.
125.
Appendix B,
122