Firewall Wizards mailing list archives
Re: PIX 500 as ROUTER ONLY
From: Daniel Linder <dan_linder () yahoo com>
Date: Mon, 17 Nov 2003 08:35:37 -0800 (PST)
Michael Leland wrote:I have a PIX 500 that I want to use to connect two public IPnetworks.I don't need to provide much security support, simply use it as asimplerouter between subnets. Any ideas???
Depending on your needs, you could setup the PIX to route traffic with a "permit ip any any" for the ACL on "inbound" stuff (i.e. outside to inside traffic), and then a "nat 0" for the traffic going from the inside back out. As another poster mentioned though, the PIX is really not meant to do this so features that a real router might have (RIP, OSPF, etc) will not be available or limited if they exist. Is this a case of needing to use existing equipment, or is the firewall feature going to be used shortly just not in the near future? You might want to look at the real long-term use of the device. If it is going to be doing more routing and very little firewalling (nothing a standard router ACL couldn't handle), then you might want to look at a low end router. If it will be doing firewall primarialy but just protecting live IP addresses behind it, then the firewall is your best bet. Dan __________________________________ Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard http://antispam.yahoo.com/whatsnewfree _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- PIX 500 as ROUTER ONLY Michael Leland (Nov 16)
- Re: PIX 500 as ROUTER ONLY Mikael Olsson (Nov 17)
- Re: PIX 500 as ROUTER ONLY Daniel Linder (Nov 18)
- <Possible follow-ups>
- PIX 500 as ROUTER ONLY Dario Calia (Nov 21)
- Re: PIX 500 as ROUTER ONLY Luca Berra (Nov 23)
- RE: PIX 500 as ROUTER ONLY Wes Noonan (Nov 24)
- Re: PIX 500 as ROUTER ONLY Luca Berra (Nov 23)
- Re: PIX 500 as ROUTER ONLY Mikael Olsson (Nov 17)