01-29-2002 12:22 AM - edited 03-08-2019 09:41 PM
Hi,
Need some help with multiple NAT 0 on all interface on the PIX.
What I understand is that the following lines will turn off NAT between the source and destination
access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list 101 permit ip 192.168.1.0 255.255.255.0 192.168.4.0 255.255.255.0
nat (inside) 0 access-list 101
Since I'm dealing with 6 interfaces altogether, I need to figure out how to:
- allow hosts from a lower security level to be able to access servers at a higher security level
- vice versa
- allow pinging on all interface for troubleshooting aid.
This PIX deployment scenario is quite complicated to me since I've never done it before.
Many thanks for any help.
Regards,
Zeremy
02-01-2002 08:44 AM
Zeremy,
With all due respect, but if you haven't worked with the PIX firewalls before, you might want to obtain some assistance from an experienced consultant. A firewall with 6 interfaces and that require communications between each other is indeed complicated and prone to errors. Your firewall is too important to be used as a 'learn on the spot' device.
I am sure that there are experienced consultants near your area or you could contact Cisco to obtain a recommendation.
02-01-2002 06:40 PM
I totally agree with you,
We're in the process of getting additional help from experienced consultants.
Thank you for the advice.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide