From: Stefan Grey (examplebrain@hotmail.com)
Date: Fri Aug 04 2006 - 14:52:35 ART
This is the main problem!! After that the PIX gives such message: "Warning
the protocols and ports will not be used".
>From: "Curt Girardin" <curt.girardin@chicos.com>
>To: "Stefan Grey" <examplebrain@hotmail.com>
>Subject: RE: PIX and icmpn NONAT
>Date: Fri, 4 Aug 2006 09:19:40 -0400
>
>
>How about
>
>Access-list NONAT permit icmp 11.11.11.11 22.22.22.22
>
>Using the icmp keyword instead of ip?
>
>HTH,
>
>Curt
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
>Stefan Grey
>Sent: Friday, August 04, 2006 6:36 AM
>To: ccielab@groupstudy.com
>Subject: PIX and icmpn NONAT
>
>Hello,
>
>R1 - PIX - R2. Well I want R1 and R2 be able to ping each other without
>NAT translation but other traffic should be with NAT translation. The
>solution for this I found was:
>nat (inside) 1 access-list NONAT
>access-list NONAT permit ip 11.11.11.11 22.22.22.22.
>
>but if I use access-list NONAT permit icmp 11.11.11.11 22.22.22.22 I see
>the warning that the protocol and port will not be used.
>
>Is there some solution for the task I described. I need to NONAT not all
>the trafic but just icmp.
>
>Thanks,
>
>_________________________________________________________________
>Find a baby-sitter FAST with MSN Search! http://search.msn.ie/
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:56 ART