User's Manual
Table Of Contents
- Getting Started
- Wizards
- Using the Startup Wizard
- Using the Wireless Wizard to Configure the Wireless Settings for ISA550W and ISA570W
- Using the DMZ Wizard to Configure the DMZ Settings
- Using the Dual WAN Wizard to Configure the WAN Redundancy Settings
- Using the Site-to-Site Wizard to Establish the Site-to-Site VPN Tunnels
- Using the Remote Access Wizard to Establish the IPSec VPN Tunnels or SSL VPN Tunnels for Remote Access
- Status
- Networking
- Configuring IP Routing Mode
- Port Management
- Configuring the WAN
- Configuring the WAN Redundancy
- Configuring the VLAN
- Configuring the DMZ
- Configuring the Zones
- Configuring the Routing
- Dynamic DNS
- IGMP
- VRRP
- Configuring the Quality of Service
- Address Management
- Service Management
- Wireless Configuration for ISA550W and ISA570W
- Firewall
- Configuring the Firewall Access Rules to Control Inbound and Outbound Traffic
- Configuring the Firewall Schedule
- Firewall Access Rule Configuration Examples
- Configuring the NAT Rules to Securely Access a Remote Network
- Configuring the Session Settings
- Configuring the Content Filtering to Control Access to Internet
- Configuring the MAC Filtering to Permit or Block Traffic
- Configuring the IP/MAC Binding to Prevent Spoofing
- Configuring the Attack Protection
- Configuring the Application Level Gateway
- Security Services
- VPN
- About VPN
- Configuring the Cisco IPSec VPN Server
- Configuring the Cisco IPSec VPN Client
- Configuring the Site-to-Site VPN
- Configuring the SSL VPN
- Elements of the SSL VPN
- Configuration Tasks to Establish a SSL VPN Tunnel
- Installing the Cisco AnyConnect VPN Client on User’s PC
- Importing the Certificates for User Authentication
- Configuring the SSL VPN Users
- Configuring the SSL VPN Gateway
- Configuring the SSL VPN Group Policies
- Configuring the SSL VPN Portal
- Configuring the L2TP Server
- Configuring the VPN Passthrough
- Viewing the VPN Status
- User Management
- Device Management
- Remote Management
- Administration
- SNMP
- Configuration Management
- Firmware Management
- Log Management
- Managing the Security License
- Managing the Certificates for Authentication
- Configuring the Email Alert Settings
- Configuring the RADIUS Servers
- Configuring the Time Zone
- Device Discovery
- Diagnosing the Device
- Measuring and Limiting Traffic with the Traffic Meter
- Configuring the ViewMaster
- Configuring the CCO Account
- Configuring the Device Properties
- Configuring the Debug Settings
- Troubleshooting
- Technical Specifications and Environmental Requirements
- Factory Default Settings
- Where to Go From Here
Networking
Address Management
Cisco ISA500 Series Integrated Security Appliance Administrator Guide 153
4
- Host: Defines a single host by its IP address. The netmask for a Host
address object will automatically be set to 32-bit (255.255.255.255) to
identify it as a single host. If you choose Host, enter the IP address of the
host in the IP Address field.
- Range: Defines a range of contiguous IP addresses. No netmask is
associated with the Range address object, but internal logic generally
treats each member of the specified range as a 32-bit masked host
object. If you choose Range, enter the starting IP address in the IP
Address field and the ending IP address in the End IP Address field.
- Network: Network address object like the Range object comprises
multiple hosts, but rather than being bound by specified upper and lower
range delimiters, the boundaries are defined by a valid netmask. Network
address objects must be defined by the network’s address and a
corresponding netmask. As a general rule, the first address in a network
(the network address) and the last address in a network (the broadcast
address) are unusable. If you choose Network, enter the subnet IP
address in the IP Address field and the broadcast address in the
Netmask field.
- MAC: Identifies a host by its hardware address or MAC (Media Access
Control) address. MAC addresses are uniquely assigned to wired or
wireless networking devices by their hardware manufacturers. MAC
addresses are 48-bit values that are expressed in 6 byte hex-notation. If
you choose MAC, enter the MAC address in the MAC field.
STEP 4 Click OK to save your settings.
STEP 5 Click Save to apply your settings.
Configuring the Group Addresses
A group address combines with multiple addresses. The security appliance can
support up to 64 group addresses. A group address can include up to 64 address
members.
STEP 1 Click Networking -> Address Object Management.
The Address Object Management window opens. All existing group address
objects are listed in the Group Address table.
STEP 2 In the Group Address Table area, click Add Group to add a new group address.