Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Transparent firewall

Hi,

Is there a way to configure a pix firewall to be transparent in the network? I mean, I'd like to simply put the firewall between a server and a network without having to modify anything in the server and doing all traffic control in the firewall. I don't need (want) the firewall to do nat, pat, or anything more than applying access-lists.

Thanks,

4 REPLIES
New Member

Re: Transparent firewall

Won't work. PIX MUST have NAT/PAT in order to function

New Member

Re: Transparent firewall

Thanks for your reply.

Do you consider is there a change that this feature will be included in a future release? I see it as a very promising one because of the lack of the need to reconfigure already connected devices.

Regards,

Silver

Re: Transparent firewall

Hi,

Actually the answer is Yes. This is what you need to do:

nat (inside) 0 acess-list 101

access-list 101 permit ip any any

Once you have these lines in place, the nat engine on the pix would be turned off completely from outside to inside and vice versa.

Then if you configure acl on outside interface to allow whatever traffic you want to allow, it would be transparent in terms of translations.

Thanks,

Mynul

New Member

Re: Transparent firewall

Apologies,

Yes, you can use NAT 0.

I was too busy thinking " Might as well use ACL on router!"

Ali

127
Views
0
Helpful
4
Replies
CreatePlease login to create content