09-17-2004 11:15 PM - edited 02-20-2020 11:38 PM
Can a PIX firewall do routing and protect internal network without NAT?
09-18-2004 01:44 AM
PIX can protect the internal network even if you do not want to do NAT on the PIX. Read the Nat 0 (Identity NAT) section of the PIX command reference at:
As far as routing is concerned, well PIX does support static routes, RIP, and newer versions supports OSPF also. What exactly are you trying to achieve?
09-18-2004 02:39 AM
I just want to connect the PIX to 3 network segments and control the traffic flowing among the segments, all 3 segments are on local area network and no NAT is necessary because it's done by a WAN router.
One of the network segments is DMZ, one is internal private network and last one is to connect to WAN router.
If I run NAT on the PIX, then it will become double-NAT because the WAN router is also a NAT gateway.
Thanks a lot, you have solved my 2 problems in a day.
09-18-2004 02:50 AM
Glad to be of any help. If you face any issues during your actual implementation do post here and we will try to help as much as we can.
09-18-2004 05:58 AM
Thanks. This forum is really of great help.
09-22-2004 09:04 PM
I would actually use Exemption NAT, like Identity NAT but doesn't require the use of statics for incoming traffic.
Cheers
Dave
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide