avoid NAT

Answered Question
Feb 22nd, 2009

hello

we are using PIX 525 (version 7.2(3))

when i configure an rdp access (for example) from inside to a computer in DMZ, i configure the access rule (in security policy) then i MUST configure a NAT rule that keeps my IP unchanged between inside and DMZ:

static (inside,DMZ-WEB) IT_VLAN IT_VLAN netmask 255.255.0.0

is it possible to bypass this NAT rule?

In other words: is it possible to say to PIX: if you find a NAT rule, then use it. And if you don't find a NAT rule then just route the packet and don't ask for a NAT rule like above?

i found a command called no nat-control. i am not sure this the solution. i tried it but it did not work!

any help

thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.

Actions

This Discussion