Re: pix firewall nat help

mukthar786 · ‎05-23-2006

dear sir,

i using pix 525 i want to nat.please suggest me . pix firewall having two interfaces

Fernando_Meza · ‎05-23-2006

I suggest you use

global (outside) 1 XXX.210.223.67 netmask 255.255.255.255

instead of

global (outside) 1 XXX.210.223.67 netmask 255.255.255.248

You can also control outgoing access to specific ports by applying an access-list to the inside interface otherwise you are allowing all outbound IP traffic to the Internet.

everything else seems OK.

I hope it helps ... please rate it if it does

mukthar786 · ‎05-23-2006

in our network from isp it connected to the 1711 router, & pix firewall having 525 having two interfaces eo & e1.

e0 is connected to switch 4006 or to it should connected 1711 router of which port.

e1 is connected to switched 4006

and isa server with two nic cards one internal & external card.

public ip add.

1711 router is xxx.210.223.66

pix e0 is xxx.210.223.69

isa server is external nic is also xxx.210.223.6x

i has to use the isa server public ip add & local ip add two nic cards or only and change any configure in the pix firewall

a.kiprawih · ‎05-24-2006

Hi,

You can connect (recommended) your e0 directly to the 1711 router (FastEthernet) via cross-over UTP cable. Or, if you need to use your cat4006 switch, you need to create dedicated VLAN to group ports connecting your PIX (e0) and Router 1711 (use straight-through cable).

Rgds,

AK