Figure 108 Creating the NAT Entry
7.10.3 Set Up a Firewall Rule
The firewall blocks traffic from the WAN zone to the DMZ zone by default so you need to create a
firewall rule to allow the public to send HTTP traffic to IP address 1.1.1.1 in order to access the
HTTP server. If a domain name is registered for IP address 1.1.1.1, users can just go to the domain
name to access the web server.
Click Configuration > Firewall > Add. Set the From field as WAN and the To field as DMZ. Set
1
the Destination to the HTTP server's DMZ IP address object (DMZ_HTTP). DMZ_HTTP is the
destination because the ISG50 applies NAT to traffic before applying the firewall rule. Set the
Access field to allow and the Service to HTTP, and click OK.
ISG50 User's Guide
Chapter 7 General Tutorials
131