to be able to connect to one of my servers in my LAN from the WAN interface, I created static NAT translations. After setting up these translations, I created my firewall configuration. Everything works fine. However, I want to limit the access from the WAN to the local server to a few specified hosts. If I'm right, this should be possible using ACLs. The firewall configuration in SDM indicates for the static NAT translations 'Permit Firewall'. If I select 'Permit ACL' there, I cannot reach the particular server from outside anymore. I checked the ACLs in SDM and found out that there is only one 'Firewall ACL', which consists of 'invalid IP addresses'. This ACL is automatically created by SDM. How can I specify in my router (using SDM) to allow only a few specified to hosts to connect to the server?