I just took over management for a PIX running 6.3 only using conduits and outbound statements.
Currently, there is no Internet (or outbound) access allowed generically speaking for the dmz lan.
I have two questions:
What are the thoughts of allowing outbound access to the internet from the DMZ using a nat (dmz) 1 0.0.0.0 0.0.0.0 statement...since it is going to an interface with a lower security level?
If I do not use the NAT statement, how would I do this? Static NAT with OUTBOUND statements?
Any help is appreciated.