'Re: [fw-wiz] PIX v7: routing without NAT?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewall-wizards
Subject:    Re: [fw-wiz] PIX v7: routing without NAT?
From:       Brian Loe <knobdy () gmail ! com>
Date:       2006-01-18 2:18:15
Message-ID: 3c4611bc0601171818l491af15fo6a9b3a45c81ca34e () mail ! gmail ! com
[Download RAW message or body]

This might be a semi-beginner question as well, but as described youhave an external \
IP on the inside interface of the PIX - is thatintentional? I would expect to see a \
public IP address on yourexternal PIX interface and a private, non-'Net address on \
the internaldevice. Your internal PC would use that private address as it'sdefault \
gateway (or the switch/router would) thereby allowing the PIXto get it and shove off \
all traffic not destined for networks directlyconnected to it to its own default \
gateway, your ISP router. Again, to me, it would seem that they way you have \
explained it isthat the PIX would have to act as a bridge or switch. Your tests \
seemto prove that as well since naturally the inside PC can ping theinside interface \
of the PIX, they're on the same network and directlyconnected, as should the external \
PC/PIX Interface work. However,going from the inside PC to the outside PC you're \
trying to travelover a device that doesn't know what to do with it. On 1/17/06, Vahid \
Pazirandeh <vpaziran@yahoo.com> wrote:> Hi All,>> At our co-lo, we have IPs *.65 to \
*.97 available.  I'm trying to setup a mock> network before touching the production \
environment.>> Our ISP router will be sitting on *.64, and we'd like to  use external \
IPs for> all our servers that are behind the PIX.  Is this possible?>> I've run some \
tests (and mind you I am new to pix), and it seems that the ARP> requests are not \
passing through the pix.  I'm also not sure that the network> design we're using is \
going to work as intended.  Any thoughts?>ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿßŠ·°jYÿ \
,ÚÛ&j)bž	b²×âì–_ð‹6«vÏá¢z+þ',jV›³÷(šm§ÿÿ†‰è¯øœ±©ZnÏÜ¢oæj)fjåŠËbú?~*ÞÁ©eÿ³j·l


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic