[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Cisco PIX Configuration - One Internal Network (public IPs - No NAT)

Posted on 2006-10-31
4
Medium Priority
?
265 Views
Last Modified: 2013-11-16
I am working on a PIX 500 series firewall with one internal network (class c - public) address space.

I can get the internal (inside) hosts to access the internet with no problem.  I cannot seem to have outside hosts access any internal hosts.

I have added:

access-list acl_out permit ip any any
access-group acl_out in interface outside
nat (inside) 0 x.x.x.x 255.255.255.0 0 0

Every sample pix config I see on the net assumes you want to use NAT.  We don't want to use private addresses on the internal network.
0
Comment
Question by:teksavers
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 2000 total points
ID: 17846982
Don't use nat 0, rather use a static

no nat (inside) 0
clear xlate
static (inside,outside) 12.34.5.0 12.34.5.0 netmask 255.255.255.0

Which model PIX? If you have a 515 or better you can upgrade to version 7.x which allows you to disable nat control. Any 6.x versions require nat in one form or another. Using the above static, you are natting same/same which is equal to not natting at all.
0
 
LVL 3

Expert Comment

by:mahe2000
ID: 17849005
you have to use static to let outside users access internal network. however it is not a good idea to do this unless you restrict what services you want them to access.
although you restrict your services, it's not a good idea. i suggest you use a dmz to give outsiders some kind of service.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question