Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Disable NAT 1

Status
Not open for further replies.

UTTech

MIS
Oct 11, 2000
245
US
2000 Small Business Server

Is there a way to disable Network Address Translation on ISA?
 
Why would you want to?

If you did, none of the client PC's would be able to get to the internet.
 
Well is there a way I can disable NAT to certain addresses?
 
You can add filters to restrict specific sites.

Is this what you're looking for?
 
Yes, I would like to disable translation for specific sites.
 
Open ISA

Expand 'Policy Elements'
Right-click 'Destination Sets' | 'New' | 'Set'
Add the sites you wish to block.
Finish the wizard.

Expand 'Access Policy'
Right-click 'Site and Content Rules'
Select 'New' | 'Rule'
Rule wizard starts.
Type in name of the rule. Next.
Select 'Deny' | can check 'Iff HTTP Request...' for custom error page. Next.
Select 'Deny Access Based on Destination'
Select 'Specified Destination Set'
Select the name of the destination set you created.
Finish the wizard.

That's it, you're done.
 
That didn't work. Basically, we created a VPN from out site to another site using Cisco PIX Firewall. When we ping the remote site with a workstation here, the IP address is translated to the server IP address. NAT is enabled on the PIX so I want to disable NAT on the server. Is this possible?
 
The only other idea I can come up with is to relocate your VPN. Instead of the initiating VPN from the PIX, do it from the server.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top