Re: Allow printing traffic from DMZ(Lower Security interface) to inside network on PIX 515E

Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript

comp.security.firewalls archive

Re: Allow printing traffic from DMZ(Lower Security interface) to inside network on PIX 515E

From: Wil <wil@SPAM.THIS>
Date: Thu Dec 08 2005 - 23:14:43 CET

Just noticed that you have a nat0 on each interface... PIX isn't a
router, AFAIK you will always need to nat a lower to a higher.

Try this:

! This allows basic Internet usage
global (outside) 1 interface
nat (inside) 1 0 0
nat (dmz) 1 0 0

! This creates a nat from the dmz to the inside
static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.0

happy hunting!

Wil
my 3¢
Received on Sun Dec 11 14:24:53 2005

This message: [ Message body ]
Next message: Wolfgang Kueter: "Re: Firewall shows ports being used in sqeuence"
Previous message: Wil: "Re: Allow printing traffic from DMZ(Lower Security interface) to inside network on PIX 515E"
In reply to: jywu1@hotmail.com: "Allow printing traffic from DMZ(Lower Security interface) to inside network on PIX 515E"
Next in thread: jywu1@hotmail.com: "Re: Allow printing traffic from DMZ(Lower Security interface) to inside network on PIX 515E"
Reply: jywu1@hotmail.com: "Re: Allow printing traffic from DMZ(Lower Security interface) to inside network on PIX 515E"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]