From: Jay Hennigan (jay@xxxxxxxx)
Date: Mon Oct 30 2000 - 12:01:04 GMT-3
On Sun, 29 Oct 2000, Andrew wrote:
> >According to this, it looks like you should have NAT. You have a different
> >network outside than inside.
>
> Don't all routers that are routing between networks? ;) The PIX is not
> necessarily a NAT box. It performs statefull security for established
> connections (translated or not.)
A PIX is not a router.
> And if you're not doing NAT (using NAT 0) then you don't need statics per
> say. If you are trying to allow non-established connections in from the
> outside then you would need to use conduits to open those holes.
But you still need the statics to map the inside to the outside addresses
in order to allow outside connections to the inside. You also need a
conduit (or access list in the newer software). When not using NAT, you
just map the same IP on both sides of the box to itself.
-- Jay Hennigan - Network Administration - jay@west.net NetLojix Communications, Inc. NASDAQ: NETX - http://www.netlojix.com/ WestNet: Connecting you to the planet. 805 884-6323
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:25:32 GMT-3