RE: [nsp] REG: PIX Failover Bundle.

From: Scott Morris (swm@emanon.com)
Date: Sat Apr 21 2001 - 15:23:12 EDT


You can't "disable" NAT on the PIX Firewall, as that's one of its primary
responsibilities.

However, you can NAT to itself, usually through a static.

static (inside,outside) 172.16.100.1 172.16.100.1 netmask 255.255.255.255

or

static (inside,outside) 172.16.100.0 172.16.100.0 netmask 255.255.255.0

to keep IPs the same for either a single host, or a whole network
respectively.

Scott
  -----Original Message-----
  From: Vinod Anthony Joseph Cherunni [mailto:vac@dsqworld.com]
  Sent: Friday, April 20, 2001 8:54 AM
  To: routerman@visto.com
  Cc: cisco-nsp@puck.nether.net
  Subject: Re: [nsp] REG: PIX Failover Bundle.

  Hi,

  Thanks a lot for the advice. Just a couple of queries in mind.

  In a config as below -

  nameif ethernet0 outside security0
  nameif ethernet1 inside security100
  nameif ethernet2 dmz-web security60
  nameif ethernet3 dmz-auth security3

  Assuming I am not using NAT on any interfaces, & need to disable it. How
would I achieve the same on all my PIX interfaces.

  Secondly it would be great if you could send me a sample config for the
PIX failover part.

  With kind regards,
  Vinod.



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:35 EDT