Table of Contents
Advertisement
Internet Security Router User's Manual
Field
IP Address, Subnet,
Range and IP Pool
Source Port
This option allows you to set the source port to which this rule should apply. Use the drop-down list to
select one of the following options:
Any
Single
Port Number
Range
Begin
End
Destination Port
This option allows you to set the destination port to which this rule should apply. Use the drop-down
list to select one of the following options:
Any
Single, Range
Service
Protocol
This option allows you to select protocol type from a drop-down list. Available settings are All, TCP,
UDP, ICMP, AH and ESP. Note that if you select "service" for the destination port, this option will not
be available.
NAT
This option allows you to select the type of NAT for the inbound traffic.
None
IP Address
NAT Pool
Description
Select any of these options and enter details as described in the Source IP
section above.
Select this option if you want this rule to apply to all applications with an
arbitrary source port number.
This option allows you to apply this rule to an application with a specific
source port number.
Enter the source port number
Select this option if you want this rule to apply to applications with this port
range. The following fields become available for entry when this option is
selected.
Enter the starting port number of the range
Enter the ending port number of the range
Select this option if you want this rule to apply to all applications with an
arbitrary destination port number.
Select any of these and enter details as described in the Source Port
section above.
This option allows you to select any of the pre-configured services
(selectable from the drop-down list) instead of the destination port. The
following are examples of services:
BATTLE-NET, PC-ANYWHERE, FINGER, DIABLO-II, L2TP, H323GK,
CUSEEME, MSN-ZONE, ILS, ICQ_2002, ICQ_2000, MSN, AOL, RPC,
RTSP7070, RTSP554, QUAKE, N2P, PPTP, MSG2, MSG1, IRC, IKE,
H323, IMAP4, HTTPS, DNS, SNMP, NNTP, POP3, SMTP, HTTP, FTP,
TELNET.
Note: service is a combination of protocol and port number. They appear
here after you add them in the "Firewall Service" configuration page.
Select this option if you don't intend to use NAT in this inbound ACL rule.
Select this option to specify the IP address of the computer (usually a server
in your LAN) that you want the incoming traffic to be directed. Note this
option is called reverse NAPT or virtual server.
Select this option to associate a pre-configured NAT pool to the rule. Note
that only reverse static NAT and reverse NAPT pool can be used to
Chapter 9. Configuring Firewall/NAT Settings
51
Hide quick links:
Advertisement
Table of Contents
