Firewall Wizards mailing list archives
RE: PIX and NAT
From: "Iannaccone, Al" <Al.Iannaccone () occ treas gov>
Date: Wed, 3 Apr 2002 11:59:45 -0500
Joe and class; I can relate. I somewhat agree, the PIX CLI is a bit different... to say the least. But, once you become accustomed to it, I think you may actually like it more. To help with your question... I have found that this site has helped me out when I need a config sample. Look under the "Software Configuration" section. http://www.cisco.com/pcgi-bin/Support/PSP/psp_view.pl?p=Hardware:PIX if you just want to get the stuff that answers you question... go here: http://www.cisco.com/warp/public/110/19.html I am pretty sure this has the poopage you need. Al -----Original Message----- From: Joe Keegan [mailto:joe () jjk3 com] Sent: Tuesday, April 02, 2002 1:54 PM To: Firewall Wizards Mailing List Subject: [fw-wiz] PIX and NAT I am a CheckPoint guy who is trying to learn about Cisco PIX firewalls. I have had some experience with Cisco IOS and I have found it easy to use and intuitive, everything I have read has made sense. I am now finding that PIX does not follow this trend. I am confused about how to configure a PIX to use NAT on some interfaces, but not on others. Here is the situation, I have a PIX with four Ethernet interfaces. E0 - outside, security0 E1 - inside, security100 E2 - dmz1, security20 E3 - dmz2, security95 Now I want the inside, dmz1 & dmz2 (each with RFC1918 IP's) networks to each use their own PATs when they send traffic destined for the outside, which is no problem (each get their own NAT and global numbers). But I do not want inside, dmz1 & dmz2 to perform NAT (or PAT) between each other. I am confused on how to accomplish this, any help or pointing me in the right direction would be greatly appreciated. Thanks Joe ******************************************************************* Joe Keegan joe () jjk3 com Security Engineer SANS GCFW, CCSE, SCSA Phone: 408-242-4588 ******************************************************************* _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- PIX and NAT Joe Keegan (Apr 03)
- Re: PIX and NAT Carson Gaspar (Apr 03)
- RE: PIX and NAT Benjamin P. Grubin (Apr 03)
- <Possible follow-ups>
- RE: PIX and NAT Iannaccone, Al (Apr 03)