You still need conduit or access list to bypass PIX ASA. -Keyur Shah- CCIE# 4799 (Security; Routing and Switching) css1,ccna,ccda,scsa,scna,mct,mcse,mcp+i,mcp,cni,mcne,cne,cna Hello Computers "Say Hello to Your Future!" http://www.hellocomputers.com Toll-Free: 1.877.794.3556 Fremont: 510.795.6815 Santa Clara: 408.496.0801 Europe: +(44)20 7900 3011 Fax: 510.291.2250
-----Original Message----- From: Philip Sousa [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 08, 2002 10:33 PM To: [EMAIL PROTECTED] Subject: PIX with no NAT [7:31353] I've been on Cisco's site for hours, but cannot find a conclusive answer to my question. When you disable NAT (NAT 0) to allow the use of public IP's behind the PIX, are the internal nodes allowed to start outbound connections by default?? I need to selectively allow nodes behind the firewall to start outbound connections on certain port....how should I accomplish this? Access-lists? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=31411&t=31353 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]