topic Re: PIX NAT issues or something like it in Network Security

PIX NAT issues or something like it

wr3500 — Fri, 21 Feb 2020 08:32:45 GMT

I have an issue where I need to bring a network into our network but because of that fact I can't route 172.x.x.x addresses through our provider (British Telecom Private Network)I need to figure out a way to nat a zone to another. The group is coming from 164.39.x.x and 145.78.x.x addresses destined for 172.x.x.x. I have The zones involved are CORPNET, I-DMZ and E-DMZ. CORPNET is the group coming in and I-DMZ and E-DMZ are where the servers reside that they need to get to.The zones are configured with security as follows:

CORPNET 65

I-DMZ 20

E-DMZ 40

I have a nat (CORPNET) 1 0.0.0.0 0.0.0.0 to allow CORPNET 10.0.100.64/26 to access other zones on our network and so far it seems to work fine. Any ideas?

Re: PIX NAT issues or something like it

sachinraja — Fri, 25 Nov 2005 05:57:03 GMT

Hello

You can configure Remote access VPN to terminate on your PIX firewall and give access to the servers on inside/DMZ to the external users. By this way, you also secure the data traffic flowing through the service provider. You can refer to the configuration guide of the PIX firewall for more information.

Let us know if you require any more help on this.

RAj

Re: PIX NAT issues or something like it

wr3500 — Sat, 26 Nov 2005 04:54:26 GMT

Since they are part of the company we prefer not to VPN them in. We would prefer that they come in like any other zone. They are directly connected having to only pass through the FWSM to get inside. They are considered trusted traffic just not as trusted as say onsite users.