Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

New Member

PIX inside/outside

Can I use real ip's on my inside network of PIX without using NAT or static (inside,outside) ??

6 REPLIES

Re: PIX inside/outside

You can but why would you want to? That would mean that someone is actually touching the box instead of a translation through the PIX. Makes it much easier for someone to do something there are not supposed to do.

New Member

Re: PIX inside/outside

Thanks for the reply, actually I want to integrate PIX with the websens, I have most of my users on outside network, websense only works with outbound traffic so I have to bring all my users to the inside so that I can filter their www traffic.

Please reply with the steps that how can I use my inside traffic to communicate outside without using NAT or static commands or refer some cisco doc related to this.

Thanks and Regards,

Silver

Re: PIX inside/outside

You need to use the static command . Why do you not want to use static?

nat (inside) 0 network number subnet mask

Disables nat for a block.

Ex:

static (inside, outside) 192.168.0.0 192.168.0.0 netmask 255.255.255.0

nat (inside) 0 192.168.0.0 255.255.255.0 0 0

Would disable nat for the inside int with ips of 192.168.0.0/24.

Note that if you were using nat, you might have created global pools for nat. You don't use the global command unless you are using nat. So, you might need to first remove global commands, then add appropriate static and nat commands.

Matt

New Member

Re: PIX inside/outside

Thanks for the reply Matt,

What if I have more than one network e,g 192.168.0.0 /24, 204.16.30.0 /24 etc which i want to use without NAT.

can i use

nat (inside) 0 0.0.0.0 0.0.0.0

Static (inside,outside) 0.0.0.0 0.0.0.0

so that only with this command all the networks running can access the internet witout using NAT.

New Member

Re: PIX inside/outside

Its urgent please reply soon

Silver

Re: PIX inside/outside

You can use multiple nat and static statements.

104
Views
0
Helpful
6
Replies
CreatePlease to create content