I realize I am defeating the purpose of the firewall but I want to get
traffic going through it then lock it down. I host thousands of websites
that each have their own ip address so I need those ips to pass on, and not
renumber them all to an internal ip.
Hope that makes sense.
Thanks,
Neil
----- Original Message -----
From: "Jay Christopherson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, September 20, 2001 3:19 PM
Subject: Re: Passing Traffic Through a PIX
>
> Neil-
>
> What exactly are you trying to do? Are the servers behind your PIX
> going to all have publicly available IP's? Why wouldn't you have
> internal IP's and just NAT them?
>
> Are you looking for a config? I mean, once you have all the system
> configs (iinterface IP's, security zones, failover ip's (if any),
> etc...) setup, you can basically create ACL's that say:
>
> access-list acl_open permit ip any any
>
> and that will allow all traffic through your firewall, but then you are
> utterly defeating the purpose of a firewall...
>
> - Jay
>
> > Message: 10
> > From: "Neil H." <[EMAIL PROTECTED]>
> > To: "Kent Hundley" <[EMAIL PROTECTED]>
> > Cc: <[EMAIL PROTECTED]>
> > Subject: Re: Passing Traffic through a Pix
> > Date: Thu, 20 Sep 2001 13:20:19 -0400
> >
> > Their site shows a the scenario that your servers all have internal IP
> > addresses and you want to pass traffic into those. That isn't really
what I
> > am doing so that is why I am asking.
> >
> > Thanks,
> >
> > Neil
> >
> > ----- Original Message -----
> > From: "Kent Hundley" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Cc: <[EMAIL PROTECTED]>
> > Sent: Thursday, September 20, 2001 4:06 PM
> > Subject: RE: Passing Traffic through a Pix
> >
> >
> > > Neil,
> > >
> > > Have you tried looking at the PIX docs on the Cisco web site? They do
a
> > > decent job of going through setting up a PIX for simple envrionments
like
> > > the kind your talking about. I would start there first and see if it
> > > gives you what you need. You can also do a search on Cisco's site for
> > > 'security technical tips' and that will lead you to a lot of PIX
configs.
> > >
> > > HTH,
> > > Kent
> > >
> >
> -------------------------------------------------------------------------
> > > Could someone please help me to put a PIX on my network and pass
normal
> > > traffic through it. I want to use no filters at this point. I also
want
> > > all the addresses on the server to be available on the other side
> > (outside)
> > > of the pix.
> > > Thanks,
> > > Neil
> > >
> > >
> >
> >
> >
> > --__--__--
> >
> > _______________________________________________
> > Firewalls mailing list
> > [EMAIL PROTECTED]
> > http://lists.gnac.net/mailman/listinfo/firewalls
> >
> >
> > End of Firewalls Digest
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> http://lists.gnac.net/mailman/listinfo/firewalls
>
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
