Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Pix with 6 Interfaces

Hi everyone,

I would like to know, if anybody has a Cisco URL, for how configure a Pix Firewall with 6 interfaces (inside, outside,dmz1, dmz2, dmz3, dmz4) without nat.

Thanks in advance.

3 REPLIES
New Member

Re: Pix with 6 Interfaces

well, I am using a cisco PIX with 6 interface and without NAT.

First you have to decide upon security level of your interfaces. The Highest the security level, the more protected.

nameif ethernet0 inside security100

nameif ethernet0 outside security10

nameif ethernet0 outside security20

....

nameif ethernet0 outside security30

if two interfaces have the same security level, they can not communicate.

There are two ways to avoid NAT:

1) use nat 0 with access-list any to any

nat 0 access-list ALL

access-list ALL permit ip any any

(or a moree specific access-list like fron inside ip's to dmz1, outside etc)...

2) use static commands

static (inside,outside) 192.168.190.0 192.168.190.0 netmask 255.255.255.0 0 0

static (inside,dmz1) 192.168.190.0 192.168.190.0 netmask 255.255.255.0 0 0

static (inside,dmz1) 192.168.190.0 192.168.190.0 netmask 255.255.255.0 0 0

static (dmz1,outside) 192.168.170.0 192.168.170.0 netmask 255.255.255.0 0 0

need to do static for all interfaces from high security priority to low security priority that you need access to or from...

New Member

Re: Pix with 6 Interfaces

Ok My friend, this help me a lot.

Best regards.

New Member

Re: Pix with 6 Interfaces

Try this on for size...

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_book09186a0080143567.html

The 'Configuration Examples' should give you an idea about how to configure the PIX.

G'Day,

91
Views
0
Helpful
3
Replies