User's Manual
Table Of Contents
- Getting Started
- Wizards
- Using the Startup Wizard
- Using the Wireless Wizard to Configure the Wireless Settings for ISA550W and ISA570W
- Using the DMZ Wizard to Configure the DMZ Settings
- Using the Dual WAN Wizard to Configure the WAN Redundancy Settings
- Using the Site-to-Site Wizard to Establish the Site-to-Site VPN Tunnels
- Using the Remote Access Wizard to Establish the IPSec VPN Tunnels or SSL VPN Tunnels for Remote Access
- Status
- Networking
- Configuring IP Routing Mode
- Port Management
- Configuring the WAN
- Configuring the WAN Redundancy
- Configuring the VLAN
- Configuring the DMZ
- Configuring the Zones
- Configuring the Routing
- Dynamic DNS
- IGMP
- VRRP
- Configuring the Quality of Service
- Address Management
- Service Management
- Wireless Configuration for ISA550W and ISA570W
- Firewall
- Configuring the Firewall Access Rules to Control Inbound and Outbound Traffic
- Configuring the Firewall Schedule
- Firewall Access Rule Configuration Examples
- Configuring the NAT Rules to Securely Access a Remote Network
- Configuring the Session Settings
- Configuring the Content Filtering to Control Access to Internet
- Configuring the MAC Filtering to Permit or Block Traffic
- Configuring the IP/MAC Binding to Prevent Spoofing
- Configuring the Attack Protection
- Configuring the Application Level Gateway
- Security Services
- VPN
- About VPN
- Configuring the Cisco IPSec VPN Server
- Configuring the Cisco IPSec VPN Client
- Configuring the Site-to-Site VPN
- Configuring the SSL VPN
- Elements of the SSL VPN
- Configuration Tasks to Establish a SSL VPN Tunnel
- Installing the Cisco AnyConnect VPN Client on User’s PC
- Importing the Certificates for User Authentication
- Configuring the SSL VPN Users
- Configuring the SSL VPN Gateway
- Configuring the SSL VPN Group Policies
- Configuring the SSL VPN Portal
- Configuring the L2TP Server
- Configuring the VPN Passthrough
- Viewing the VPN Status
- User Management
- Device Management
- Remote Management
- Administration
- SNMP
- Configuration Management
- Firmware Management
- Log Management
- Managing the Security License
- Managing the Certificates for Authentication
- Configuring the Email Alert Settings
- Configuring the RADIUS Servers
- Configuring the Time Zone
- Device Discovery
- Diagnosing the Device
- Measuring and Limiting Traffic with the Traffic Meter
- Configuring the ViewMaster
- Configuring the CCO Account
- Configuring the Device Properties
- Configuring the Debug Settings
- Troubleshooting
- Technical Specifications and Environmental Requirements
- Factory Default Settings
- Where to Go From Here
Networking
Configuring the Routing
Cisco ISA500 Series Integrated Security Appliance Administrator Guide 134
4
• Port Passive: Determines how the security appliance receives RIP packets.
Check this box to enable this feature on the interface or VLAN.
• Authentication: If you are using RIPv2, click Edit to specify the
authentication method for the interface or VLAN.
- None: Choose this option to invalidate the authentication.
- Simple Password Authentication: Choose this option to validate the
simple password authentication. Enter the password in the field.
- MD5 Authentication: Choose this option to validate the MD5
authentication. Enter the unique key ID in the MD5 Key ID field and the
Key in the MD5 Auth Key field.
STEP 4 Click Save to apply your settings.
Configuring Policy-based Routing Settings
Policy-based Routing (PBR) allows users to specify the internal IP and/or service
going through a specified WAN port to provide more flexbile and granular traffic
handling capabilities.
This feature can be used to segregate traffic between links that are not of the
same speed. High volume traffic can be routed through the port connected to a
high speed link and low volume traffic can be routed through the port connected
to the slow link.
For example, although HTTP traffics is typically routed through WAN1, by using
PBR you can bind the HTTP protocol to WAN1 and bind the FTP protocol to WAN2.
In this case, the security appliance automatically channels FTP data through
WAN2.
NOTE Make sure that you configure a secondary WAN connection and that the WAN
redundancy is set to the Load Balancing or Routing Table mode before you
configure the policy-based routing settings. See Configuring the Secondary
WAN, page 104 and Configuring the WAN Redundancy, page 112.
NOTE The security appliance supports up to 100 PBR rules.