Routing and remote access filters restrict traffic at International Organization for Standardization (ISO) layer 2 and affect all IP traffic received by a NAT interface. These filters specify which IP packets are forwarded or rejected by the NAT interface.
You can apply routing and remote access filters to outbound and inbound traffic
This table shows Interface types and the reasons for assigning a filter to each interface
You create routing and Remote Access filters by specifying the source or destination IP address range and the protocol type of the packets to be filtered.
You can base your filter design upon any combination of the above components You can design the filters to accept or reject packets that match any of the filters assigned to the NAT interface. This is an improvement over the packet filtering in Windows, which only allowed you to designate filters to accept packets, not to reject them.