I'm newbie in PIX fw. I would like to setup ping between all hosts through pix.
I have configured 3 interfaces on pix. No one is connected to internet.
I've read about nat/static issues, but I don't know if it's suitable for my case, because I haven't any globall adresses from ISP provider.
Lots of consideration will have to taken into account.
Not sure if PIX is the right device for the kind of application you described. If there is no security concern then having PIX will only give you more trouble. While communication has to be restricted then yes, PIX is the right device. Anyways, have a look at this link and it will give you more ideas :
Remember this golden rule:
If packet needs to go out from inside to outside, NAT/Global has to be used.
If a packet has to be permitted from outside to inside,
1) The outside IP to which that packet is destined, has to be mapped to an inside address using "static".
2) that particular protocol/port has to be opened. (ICMP in your case)
NOTE: If an inside address is mapped to an outside address using static command, then if the packet originates from the same inside
source, the outside IP will be the one used in static command and NOT the one from the global pool.
Hope this helps !!
The administrator has disabled public write access.
Re: Ping between 3 nets through pix
12 years 3 months ago #11802