RE: PIX question... [7:5248]

Craig Columbus Mon, 21 May 2001 09:42:28 -0700
I'm not clear on what you're asking.  Are you asking if the PIX can take a 
public IP and make it appear as a private IP on the internal network?  The 
answer is yes, although you certainly want to be careful with this and I 
can't say that this is a recommended config.  You'll need a config similar 
to the one below:

nat (outside)  1 0 0
static (inside,outside)  
 netmask 255.255.255.255
access-list  permit ip any host 

For more info, reference 
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v52/config/examples.htm#xtocid274896

Thanks,
Craig

At 12:14 PM 5/21/2001 -0400, you wrote:
>We are aware of the VPN solution and that is our long term goal. However,
>for the moment, all I need to know is if it is possible to NAT from an
>outside (not trusted) interface to an inside (trusted) interface.
>
>  Thank you!
>
>   -Rizzo
>
>
>
>
>-----Original Message-----
>From: Craig Columbus [mailto:[EMAIL PROTECTED]]
>Sent: Monday, May 21, 2001 11:44 AM
>To: Rizzo Damian
>Cc: [EMAIL PROTECTED]
>Subject: Re: PIX question... [7:5248]
>
>Sounds like a VPN is your best bet.
>Should you decide to implement the VPN, you may want to consider whether
>you still need to maintain the modem pool on the Internet router.  Reducing
>this cost could help justify the cost of implementing a VPN solution.  A
>properly authenticated VPN user should be able to use any dial-up Internet
>connection to reach your LAN.
>
>Craig
>
>At 10:15 AM 5/21/2001 -0400, you wrote:
> >Hey all, is it possible to translate public IP addresses (outside) to
> >private IP addresses (inside) on a PIX firewall. Basically the exact
> >opposite of what's usually performed on a firewall. We are going to have
> >users dial in to our internet router and receive a Public IP address. They
> >have to get through our firewall to gain access to our LAN. Is there a way
> >to translate the Public IP address they will obtain into a private IP
> >address used by our LAN so they can access it?  I thank you for your
>help...
> >
> >
> >   -Rizzo
> >FAQ, list archives, and subscription info:
> >http://www.groupstudy.com/list/cisco.html
> >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>FAQ, list archives, and subscription info: 
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=5274&t=5248
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX question... [7:5248]

Reply via email to
