Cisco Support Community

avoid NAT

Hello,

We are using a PIX 525 (version 7.2(3)).

When I configure RDP access (for example) from inside to a computer in the DMZ, I configure the access rule (in the security policy), then I MUST configure a NAT rule that keeps my IP unchanged between inside and DMZ:

static (inside,DMZ-WEB) IT_VLAN IT_VLAN netmask 255.255.0.0

Is it possible to bypass this NAT rule?

In other words: is it possible to say to the PIX: if you find a NAT rule, then use it, and if you don't find a NAT rule, then just route the packet and don't ask for a NAT rule like the one above?

I found a command called no nat-control. I am not sure this is the solution. I tried it but it did not work!

Any help?

Thanks

Accepted Solutions

Re: avoid NAT

The no-nat control globally enforces NAT or disables it.

To answer your question - no. If you assume that everything going through the firewall will be NATted, then the only thing you need to do is write exception rules.

HTH
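
The "exception rules" mentioned in the answer can be written as a NAT exemption on PIX 7.2. The following is an added example, not configuration from the original posts: IT_VLAN and DMZ-WEB come from the question, while DMZ_WEB_NET, the ACL names and all IP addresses are constructed placeholders.

```text
! Added example. DMZ_WEB_NET, INSIDE_NONAT, INSIDE_IN and every IP
! address below are constructed placeholders, not values from the thread.
name 192.168.50.0 DMZ_WEB_NET

! Form used in the question: one identity static per destination interface.
! static (inside,DMZ-WEB) IT_VLAN IT_VLAN netmask 255.255.0.0

! NAT exemption: a single ACL lists every flow that must keep its
! original address. Exemption ACLs match on IP addresses only, so
! do not put protocols or ports here.
access-list INSIDE_NONAT extended permit ip IT_VLAN 255.255.0.0 DMZ_WEB_NET 255.255.255.0
nat (inside) 0 access-list INSIDE_NONAT

! Exemption only removes translation. What is actually allowed is still
! decided by the interface ACL, so keep that rule narrow (RDP only here).
! If an ACL is already applied to the inside interface, add the permit
! line to that ACL instead of applying a new one.
access-list INSIDE_IN extended permit tcp IT_VLAN 255.255.0.0 DMZ_WEB_NET 255.255.255.0 eq 3389
access-group INSIDE_IN in interface inside

! Clear stale translations after changing NAT rules, then verify.
clear xlate
show running-config nat-control
show running-config nat
show xlate

! Trace a constructed RDP flow and check that the NAT phase reports
! the exemption and the ACL phase reports the permit.
packet-tracer input inside tcp 10.1.1.10 1025 192.168.50.10 3389
```

Each additional destination that must be reached without translation becomes one more line in the exemption ACL, while the access rule for it stays a separate, deliberate decision.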
