I had to install a PIX on a customer network this week. The LAN was already running and the customer asked me to don�t change the public IP�s of their servers. So I configured the PIX to work without NAT. The configuration I thought was to put private ip address in the outside lan and use the old ip address of the access router in the inside ethernet of the PIX, so the servers continue using the same default gateway. The problem was that this didn�t work. When i tried to make a traceroute from one of the servers, the packets just went 1 hop(the router Eth. interface) and then died. I tried changing the IP�s of the outside lan to public IP�s, and then it works fine. I hope you understand what I tried to say. Now my question is, is possible to configure a PIX with public IP address inside and private ip address outside without using NAT? It�s supposed to work like this way, becouse when i try to reach the internet from the inside it�s supposed that i�m going outside with a public source address, so why this doesn�t work? You may think I�m crazy doing this kind of configuration, but my customer asked me to do it this way, i couldn�t convince him... Thanks in advance. Matias Christensen. Networking Specialist Equant Argentina. +54-11-4349-0824 - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
