
How to configure the PIX Firewall to pass traffic without NAT

There are two ways to allow traffic to pass through the PIX Firewall without translating the source address:

* Issue the nat 0 command. It has two forms:

  * The nat (inside) 0 0.0.0.0 0.0.0.0 command allows traffic to pass from the inside to the outside without translating the source addresses, but this version of the nat 0 command does not allow for any outside-to-inside traffic.
  * The nat (inside) 0 access-list nonat command allows traffic to pass from the inside to the outside and also provides an option to permit outside-to-inside traffic based on the nonat Access Control List (ACL), an ACL applied to the outside interface.

* Issue the static command. The static (inside,outside) 10.10.10.0 10.10.10.0 netmask 255.255.255.0 command creates an xlate table, but there is really no translation taking effect because the addresses are translated to themselves. This solution also provides the option to allow outside-to-inside traffic based on an ACL applied to the outside interface.
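The two outside-reachable options above, written out as a PIX configuration fragment. This is an added example, not part of the original post: the 10.10.10.0/24 network comes from the static command above, while the ACL name outside_in, the host 10.10.10.10 and the permitted service are assumptions chosen for illustration.

```cisco
!--- Option 1: NAT exemption with nat 0 access-list.
!--- The nonat ACL selects which inside traffic is left untranslated.
access-list nonat permit ip 10.10.10.0 255.255.255.0 any
nat (inside) 0 access-list nonat

!--- Option 2: identity static. The network is "translated" to itself,
!--- which creates the xlate without changing any address.
!--- Use one option or the other for a given network, not both.
static (inside,outside) 10.10.10.0 10.10.10.0 netmask 255.255.255.0

!--- With either option, outside-to-inside traffic still needs an ACL
!--- bound to the outside interface. Permit only the host and port that
!--- must be reachable (assumed here: web server 10.10.10.10, TCP/80).
access-list outside_in permit tcp any host 10.10.10.10 eq www
access-group outside_in in interface outside
```

Because inside hosts keep their real addresses under both options, the ACL on the outside interface is the only thing limiting what outside hosts can reach, so a broad permit such as ip any any exposes the whole untranslated network.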


  Posted by admin on September 8, 2008 at 6:23 am
