I have a PIX 515E (restricted), and have a situation where I need to avoid using NAT for hosts on my DMZ (long story...has to do with new VOIP equipment that won't work behind NAT).
I have a large block of public IP addresses, mostly unused. I assume I would just set up the interface with the public IP subnet; however, the outside router uses an IP address in this block as well. Does that pose a problem as long as I know not to use it as the IP of a host in the DMZ?
You mentioned that the outside router uses an IP address in the same block. Do you mean the inside int of the router, which is connected to the PIX outside int? If so, that means you are trying to configure both PIX outside and DMZ int to be the same network. Unfortunately, it's not possible on PIX.
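The constraint in the reply above can be checked on an addressing plan before it is applied to the firewall. The following is an added example, not part of the original thread: the interface names, the `203.0.113.0/24` documentation range and both plans are constructed sample values, and the helper functions are hypothetical.

```python
import ipaddress
from itertools import combinations

def overlapping_interfaces(plan):
    """Return sorted (name_a, name_b) pairs whose connected networks overlap."""
    nets = {name: ipaddress.ip_interface(cidr).network for name, cidr in plan.items()}
    return sorted(
        tuple(sorted((a, b)))
        for a, b in combinations(nets, 2)
        if nets[a].overlaps(nets[b])
    )

def connected_on(plan, address):
    """Return the interfaces that would treat `address` as directly connected."""
    addr = ipaddress.ip_address(address)
    return sorted(
        name for name, cidr in plan.items()
        if addr in ipaddress.ip_interface(cidr).network
    )

# Constructed plan matching the question: outside and DMZ both addressed
# out of the same public block, with the upstream router inside that block.
SAME_BLOCK = {
    "outside": "203.0.113.2/24",
    "dmz": "203.0.113.129/24",
    "inside": "192.168.1.1/24",
}

# Constructed plan in which each interface has its own, non-overlapping network.
SEPARATE = {
    "outside": "203.0.113.2/25",
    "dmz": "203.0.113.129/25",
    "inside": "192.168.1.1/24",
}

ROUTER = "203.0.113.1"  # constructed address for the upstream router

if __name__ == "__main__":
    for label, plan in (("same block", SAME_BLOCK), ("separate", SEPARATE)):
        print(label)
        print("  overlapping interfaces:", overlapping_interfaces(plan))
        print("  router is connected on:", connected_on(plan, ROUTER))
```

In the first plan the router address is claimed as directly connected by two interfaces at once, which is the condition the reply says cannot be configured; avoiding that one address for DMZ hosts does not change the overlap.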