R: [fw-wiz] pix 501 as bridge firewall. Possible?

From: edp (edp.lists_at_acerbis.it)
Date: 08/18/03

  • Next message: Hoang, Binh P,,DMDCWEST: "RE: [fw-wiz] pix 501 as bridge firewall. Possible?" 
    To: "'Paul Matuszewski'" <sase@five-elements.com>
Date: Mon, 18 Aug 2003 15:52:53 +0200

    Of course, is a quite common scenario, you have to investigate the "nat
    0 access-list" / nat bypass characteristic of that appliance (remember
    that pix NAT packets by default). Read the associated command
    explanation on cisco references:

    http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cm
    dref/mr.htm#1032129

    -----Messaggio originale-----
    Da: Paul Matuszewski [mailto:sase@five-elements.com]
    Inviato: luned́ 18 agosto 2003 8.37
    A: firewall-wizards@honor.icsalabs.com
    Oggetto: [fw-wiz] pix 501 as bridge firewall. Possible?

    Hey all,
    I've used Pix's as NAT'ing firewalls specifying different address pools
    on
    different interfaces on 10k situations.. works flawlessly. However,
    whenever I am doing any kind of situation where I need the internal
    network
    has public IP space.. I use packet filtering on a router.

    So my question is as follows, is the following situation possible:

    OUTSIDE: 192.168.1.0/24
    INSIDE: 192.168.2.0/24
    Outside network communicates directly with inside IP's and vica versa
    with
    NO natting.

    Is that possible? or am I missing something here?

    Thanks.

    ---------------------------

    Paul Matuszewski
    Systems Administration
    In Office Networks
    http://www.inofficenetworks.com
    V:(516) 816-4871
    V:(305) 799-4871
    F:(305) 441-2804

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Hoang, Binh P,,DMDCWEST: "RE: [fw-wiz] pix 501 as bridge firewall. Possible?"

    Relevant Pages

    • Re: XP Home: selective folder sharing
      ... >same would hold for any wireless connection. ... Explaining bridges vs NAT is not easy. ... network are visible to all other components on each network. ... With a bridge (if Falcon-II is providing one), ...
      (microsoft.public.windowsxp.network_web)
    • Re: XP Home: selective folder sharing
      ... > Explaining bridges vs NAT is not easy. ... > network are visible to all other components on each network. ... > With a bridge (if Falcon-II is providing one), ... > For protection inside the NAT router, ...
      (microsoft.public.windowsxp.network_web)
    • Re: [9fans] Do we have a catalog of 9P servers?
      ... I believe state information and communication buffers are the biggest memory spending for network operations. ... There _could_ be a trade-off between the transient NAT with its processing power toll and the persistent /net-import with its memory cost. ... By contrast, on a large network /net-import strategy could make a "powerful" gateway unavoidable because every machine on the network will need a session with the gateway even if it only rarely communicates with the outside world, unless you implement an ... Or is it because Plan 9 has much less inertia because of a smaller user base? ...
      (comp.os.plan9)
    • Re: [9fans] Do we have a catalog of 9P servers?
      ... network layer data units, ergo, NAT again. ... The "packet ...
      (comp.os.plan9)
    • Re: AD/DNS with NAT
      ... his entire network is based on a private range. ... Datacenters host servers as Domain Controllers AD2003, DNS, Exchange ... every small offices to use NAT in order to keep the private IP range ...
      (microsoft.public.windows.server.networking)