We need to deploy an internal firewall. Several questions:
1. Can I have the untrusted side, access hosts via their actual addresses? Or do they need to hit one of the pix's interfaces? I think Pix's don't allow this, but I am not sure. For example, can 10.24.1.1 access 172.16.31.80 directly?
2. Is this commonly done with a pix?
3. I need some advice here, I'm hitting a wall