<div>
Please post your PIX config. &nbsp;I can't make enough sense of what you've already posted.
</div>


Please post your PIX config.  I can't make enough sense of what you've already posted.

<div>
<br />
access-list acl_out permit ip any host n.n.n.118<br />
static (inside,outside) .n.n.n.118 n.n.n.118 netmask 255.255.255.255 0 0<br />
<br />
Will have to get you the Full config latter, don;t have access from here.. 
</div>



access-list acl_out permit ip any host n.n.n.118
static (inside,outside) .n.n.n.118 n.n.n.118 netmask 255.255.255.255 0 0

Will have to get you the Full config latter, don;t have access from here..

<div>
Yep, <br />
<br />
&nbsp; &nbsp;Goal was / is just to restrict access on some ports (Firewall the Machine) not to NAT the IP ... <br />
<br />
&nbsp; &nbsp;So <br />
&nbsp; &nbsp;Static (inside, outside) 1.1.1.118 1.1.1.118 MASK 255.255.255.255 0 0 &nbsp; <br />
&nbsp; &nbsp;Is what we were looking for.. &nbsp;<br />
<br />
&nbsp; &nbsp;Thanks, 
</div>


Yep,

   Goal was / is just to restrict access on some ports (Firewall the Machine) not to NAT the IP ...

   So
   Static (inside, outside) 1.1.1.118 1.1.1.118 MASK 255.255.255.255 0 0  
   Is what we were looking for..  

   Thanks,

<div>
<div class="content wysiwyg-content">
Trying to use PIC 501 as a Firewall :-) <br />
<br />
Cissco IAD n.n.n.113/29 <br />
PIX &nbsp;Eth-0 n.n.n.114/29 (PNAT)<br />
<br />
&nbsp; &nbsp; &nbsp; Eth1 - 192.168.0.254/24 Gateway Address.<br />
&nbsp; &nbsp; &nbsp; Eth2 - n.n.n.118/29 <br />
&nbsp; &nbsp; &nbsp; Eth3 - 192.168.0.23 &nbsp;Static NAT n.n.n.115/29 &nbsp;<br />
&nbsp; &nbsp; &nbsp; Eth4 - 192.168.0.24 &nbsp;Static NAT n.n.n.116/29<br />
<br />
Traffic to Eth1 / Eth3 / Eth4 all work fine. <br />
Traffic to Eth2 which we don't want NAT Mapped as it's handling SIP traffic does not work. Just want to permit / deny certain port connections.<br />
<br />
Should it work or am I expecting something more from the 501 than it's capabile of. <br />
JMS...<br />

</div>
</div>


Trying to use PIC 501 as a Firewall :-) 

Cissco IAD n.n.n.113/29 
PIX  Eth-0 n.n.n.114/29 (PNAT)

      Eth1 - 192.168.0.254/24 Gateway Address.
      Eth2 - n.n.n.118/29 
      Eth3 - 192.168.0.23  Static NAT n.n.n.115/29  
      Eth4 - 192.168.0.24  Static NAT n.n.n.116/29

Traffic to Eth1 / Eth3 / Eth4 all work fine. 
Traffic to Eth2 which we don't want NAT Mapped as it's handling SIP traffic does not work. Just want to permit / deny certain port connections.

Should it work or am I expecting something more from the 501 than it's capabile of. 
JMS...


PIX 501 - Not functioning as a Firewall.  ??

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

Transmission Control Protocol/Internet Protocol (TCP/IP) is the set of networking protocols that define end-to-end connectivity specifying how data should be packeted, addressed, transmitted, routed and received at the destination. This functionality is organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.