rects & comments; I would like to hear from
>you guys!
>
>Syson Suy
>
>If Life is a Game, These are the Rules:
>Experience is a hard teacher.
>She give the test first and the lessons afterwards.
>- Original Message -
>From: "Richie, Nathan"
>To:
>S
is never a good idea, no matter how you do it. Anyone
who's worked with IDS at all will be able to vouch for that one.
Andras
-Original Message-
From: PSIHOYIOS PANAYIOTIS [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 22, 2001 3:11 AM
To: [EMAIL PROTECTED]
Subject: RE: PIX question.
designed in the direction of
internal to external.
The only reliable, secure and supported solution is a static/conduit setup.
Hope this helps
-Original Message-
From: PSIHOYIOS PANAYIOTIS [mailto:[EMAIL PROTECTED]]
Sent: 22 May 2001 11:11
To: [EMAIL PROTECTED]
Subject: RE: PIX question... [7
=
> -Original Message-
> From: Rizzo Damian [mailto:[EMAIL PROTECTED]]
> Sent: Monday, May 21, 2001 5:16 PM
> To: [EMAIL PROTECTED]
> Subject: PIX question... [7:5248]
>
>
> Hey all, is it possible to translate public IP addresses (outside) to
> private IP
OK basic PIX stuff
High to Low: use NAT and Global command
Low to High: use Static and Conduits (or ACLs)
Now... You want people to access your internal boxes using external IPs
OK
First way.. Statically assign external addresses to the internal hosts
that need to be accessed
rrects & comments; I would like to hear
from
> >you guys!
> >
> >Syson Suy
> >
> >If Life is a Game, These are the Rules:
> >Experience is a hard teacher.
> >She give the test first and the lessons afterwards.
> >- Original Message -
> >From
hard teacher.
>She give the test first and the lessons afterwards.
>- Original Message -----
>From: "Richie, Nathan"
>To:
>Sent: Monday, May 21, 2001 5:05 PM
>Subject: RE: PIX question... [7:5248]
>
>
>> I beg to differ. I do not believe this can
-Original Message-
From: syson [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 21, 2001 5:14 PM
To: [EMAIL PROTECTED]
Subject: Re: PIX question... [7:5248]
hi Rizzo!
You can not even telnet into your PIx from the outside interface, nor you
can telnet into it without VPN or SSH. Making t
PM
To: [EMAIL PROTECTED]
Subject: Re: PIX question... [7:5248]
hi Rizzo!
You can not even telnet into your PIx from the outside interface, nor you
can telnet into it without VPN or SSH. Making the PIX work the way you want
(in contrary to the usual way of NATing high security to Low sec
test first and the lessons afterwards.
- Original Message -
From: "Richie, Nathan"
To:
Sent: Monday, May 21, 2001 5:05 PM
Subject: RE: PIX question... [7:5248]
> I beg to differ. I do not believe this can be done. When the PIX
> translates (either dynamically or statical
MAIL PROTECTED]
Subject: RE: PIX question... [7:5248]
OK kids. Allowing packets from a lower security level interface to a higher
security level interface requires a conduit or access list. So yes, it can
be
done. I wouldn't forget about security though. ;^)
D.
At 01:50 PM 05/21/2001 -04
ne. The static
>mapping doesn't seem to work. Probably because it require a one-to-one
>mapping no? Thanks for any help in advance!
>
>
>
> -Rizzo
>
>
>
>
>
>-Original Message-
>From: Craig Columbus [mailto:[EMAIL PROTECTED]]
>Sent: Monday, Ma
t: Monday, May 21, 2001 12:50 PM
> To: [EMAIL PROTECTED]
> Subject: RE: PIX question... [7:5248]
>
>
> Actually it seems as if you understand exactly what I'm
> asking. Your idea is
> very similar to mine. However it didn't work unfortunately.
> Let me ask this
addresses, and not the
private address themselves?
andras
-Original Message-
From: Rizzo Damian [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 21, 2001 10:50 AM
To: [EMAIL PROTECTED]
Subject: RE: PIX question... [7:5248]
Actually it seems as if you understand exactly what I'm asking.
if it can be done. The static
>mapping doesn't seem to work. Probably because it require a one-to-one
>mapping no? Thanks for any help in advance!
>
>
>
> -Rizzo
>
>
>
>
>
>-Original Message-
>From: Craig Columbus [mailto:[EMAIL PROTECTED]]
>S
one. The static
mapping doesn't seem to work. Probably because it require a one-to-one
mapping no? Thanks for any help in advance!
-Rizzo
-Original Message-
From: Craig Columbus [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 21, 2001 1:12 PM
To: [EMAIL PROTECTED]
Subject: RE: PIX
>
>
>
>
>-Original Message-
>From: Craig Columbus [mailto:[EMAIL PROTECTED]]
>Sent: Monday, May 21, 2001 11:44 AM
>To: Rizzo Damian
>Cc: [EMAIL PROTECTED]
>Subject: Re: PIX question... [7:5248]
>
>Sounds like a VPN is your best bet.
>Should you decide to imp
nt: Monday, May 21, 2001 11:44 AM
> To: Rizzo Damian
> Cc: [EMAIL PROTECTED]
> Subject: Re: PIX question... [7:5248]
>
> Sounds like a VPN is your best bet.
> Should you decide to implement the VPN, you may want to consider whether
> you still need to maintain the modem pool on the
:[EMAIL PROTECTED]]
Sent: Monday, May 21, 2001 11:44 AM
To: Rizzo Damian
Cc: [EMAIL PROTECTED]
Subject: Re: PIX question... [7:5248]
Sounds like a VPN is your best bet.
Should you decide to implement the VPN, you may want to consider whether
you still need to maintain the modem pool on the Internet
Sounds like a VPN is your best bet.
Should you decide to implement the VPN, you may want to consider whether
you still need to maintain the modem pool on the Internet router. Reducing
this cost could help justify the cost of implementing a VPN solution. A
properly authenticated VPN user shoul
Scary, use VPN
>>> "Rizzo Damian" 05/21 10:15 AM >>>
Hey all, is it possible to translate public IP addresses (outside) to
private IP addresses (inside) on a PIX firewall. Basically the exact
opposite of what's usually performed on a firewall. We are going to have
users dial in to our internet r
Hey all, is it possible to translate public IP addresses (outside) to
private IP addresses (inside) on a PIX firewall. Basically the exact
opposite of what's usually performed on a firewall. We are going to have
users dial in to our internet router and receive a Public IP address. They
have to get
22 matches
Mail list logo
