Giuseppe Larosa Thu, 04/02/2009 - 02:53

Hello Rupesh,

This line should instruct the PIX to accept traffic from inside to outside from and that these addresses are not natted but left unchanged (see that 1048.0.0 appears two times; this means it is left unchanged).

Hope to help


Jon Marshall Thu, 04/02/2009 - 03:47


In addition to Giuseppe's post, it also allows connections to be initiated from outside to those addresses, providing you have allowed the traffic in an ACL.


lamav Thu, 04/02/2009 - 06:15

And to add to what both of them said, the reason that you would do a NAT like this, where it doesn't seem to achieve anything, since the addresses don't change, is that the PIX firewall's Adaptive Security Algorithm is engineered to look for NAT translations between any 2 interfaces.


