background image
Internet Security Router User
’s Manual
Chapter 9. Configuring Firewall/NAT Settings
51
Field
Description
IP Address, Subnet,
Range and IP Pool
Select any of these options and enter details as described in the Source IP
section above.
Source Port
This option allows you to set the source port to which this rule should apply. Use the drop-down list to
select one of the following options:
Any
Select this option if you want this rule to apply to all applications with an
arbitrary source port number.
Single
This option allows you to apply this rule to an application with a specific
source port number.
Port Number
Enter the source port number
Range
Select this option if you want this rule to apply to applications with this port
range. The following fields become available for entry when this option is
selected.
Begin
Enter the starting port number of the range
End
Enter the ending port number of the range
Destination Port
This option allows you to set the destination port to which this rule should apply. Use the drop-down
list to select one of the following options:
Any
Select this option if you want this rule to apply to all applications with an
arbitrary destination port number.
Single, Range
Select any of these and enter details as described in the Source Port
section above.
Service
This option allows you to select any of the pre-configured services
(selectable from the drop-down list) instead of the destination port. The
following are examples of services:
BATTLE-NET, PC-ANYWHERE, FINGER, DIABLO-II, L2TP, H323GK,
CUSEEME, MSN-ZONE, ILS, ICQ_2002, ICQ_2000, MSN, AOL, RPC,
RTSP7070, RTSP554, QUAKE, N2P, PPTP, MSG2, MSG1, IRC, IKE,
H323, IMAP4, HTTPS, DNS, SNMP, NNTP, POP3, SMTP, HTTP, FTP,
TELNET.
Note: service is a combination of protocol and port number. They appear
here after you add them in the
“Firewall Service” configuration page.
Protocol
This option allows you to select protocol type from a drop-down list. Available settings are All, TCP,
UDP, ICMP, AH and ESP. Note that if you select
“service” for the destination port, this option will not
be available.
NAT
This option allows you to select the type of NAT for the inbound traffic.
None
Select this option if you don
’t intend to use NAT in this inbound ACL rule.
IP Address
Select this option to specify the IP address of the computer (usually a server
in your LAN) that you want the incoming traffic to be directed. Note this
option is called reverse NAPT or virtual server.
NAT Pool
Select this option to associate a pre-configured NAT pool to the rule. Note
that only reverse static NAT and reverse NAPT pool can be used to