11-23-2005 08:11 AM - edited 02-21-2020 12:32 AM
I have an issue where I need to bring a network into our network, but because I can't route 172.x.x.x addresses through our provider (British Telecom Private Network), I need to figure out a way to NAT one zone to another. The group is coming from 164.39.x.x and 145.78.x.x addresses destined for 172.x.x.x. The zones involved are CORPNET, I-DMZ and E-DMZ. CORPNET is the group coming in, and I-DMZ and E-DMZ are where the servers reside that they need to get to. The zones are configured with security as follows:
CORPNET 65
I-DMZ 20
E-DMZ 40
I have a nat (CORPNET) 1 0.0.0.0 0.0.0.0 to allow CORPNET 10.0.100.64/26 to access other zones on our network and so far it seems to work fine. Any ideas?
11-24-2005 09:57 PM
Hello
You can configure a remote access VPN to terminate on your PIX firewall and give the external users access to the servers on the inside/DMZ. This way, you also secure the data traffic flowing through the service provider. You can refer to the configuration guide of the PIX firewall for more information.
Let us know if you require any more help on this.
RAj
11-25-2005 08:54 PM
Since they are part of the company, we prefer not to VPN them in. We would prefer that they come in like any other zone. They are directly connected, having to only pass through the FWSM to get inside. They are considered trusted traffic, just not as trusted as, say, onsite users.