There are two ways to allow traffic to pass through the PIX Firewall without translating the source address:
* Issue the nat 0 command (no NAT).
  * The nat (inside) 0 0.0.0.0 0.0.0.0 command allows traffic to pass from the inside to the outside without translating the source addresses, but this version of the nat 0 command does not allow any outside-to-inside traffic.
  * The nat (inside) 0 access-list nonat command allows traffic to pass from the inside to the outside and also provides an option to permit outside-to-inside traffic based on the nonat Access Control List (ACL) and an ACL applied to the outside interface.
* Issue the static command. The static (inside,outside) 10.10.10.0 10.10.10.0 netmask 255.255.255.0 command creates an entry in the xlate table, but no translation actually takes effect because the addresses are translated to themselves. This solution also provides the option to allow outside-to-inside traffic based on an ACL applied to the outside interface.
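
The two approaches written out as PIX 6.x configuration, as an added example that is not part of the original page. The ACL name outside_in, the host 10.10.10.5 and the permitted port are constructed for illustration; the 10.10.10.0 network and the nonat ACL name come from the text above. Lines starting with `!` are annotations.

```cisco
! --- Option 1a: identity NAT for every inside host.
! Inside hosts can open connections outbound untranslated;
! outside hosts cannot open connections inbound.
nat (inside) 0 0.0.0.0 0.0.0.0

! --- Option 1b: NAT exemption driven by the nonat ACL.
! The nonat ACL only selects which traffic skips translation.
access-list nonat permit ip 10.10.10.0 255.255.255.0 any
nat (inside) 0 access-list nonat
! Inbound connections still need an ACL bound to the outside interface.
! (outside_in, 10.10.10.5 and www are constructed sample values.)
access-list outside_in permit tcp any host 10.10.10.5 eq www
access-group outside_in in interface outside

! --- Option 2: identity static (an alternative to option 1, not an addition).
! Creates an xlate entry that maps 10.10.10.0/24 to itself.
static (inside,outside) 10.10.10.0 10.10.10.0 netmask 255.255.255.0
access-list outside_in permit tcp any host 10.10.10.5 eq www
access-group outside_in in interface outside

! --- Verification after applying one option
show nat
show static
show xlate
show access-list outside_in
```

Because the inside addresses are visible untranslated, the ACL on the outside interface decides which inside hosts are reachable, so keep its permit entries to specific hosts and ports.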