PIX 515E NONAT

thewrench · Nov 6, 2002

I am running a Class C network and cannot seem to get the PIX to do protection against Trojans, Nimda etc.

The PIX is running 3 interfaces (ouside,dmz,inside). I have a /24 for the inside, and a /29 for the other 2 interfaces. My problem is that the people have always been externally addressable and protected by UNIX scripts. Since the UNIX box was removed and the PIX was turned on we have been some what exposed.

When i try to tighten down the connection like i would in a NAT environment, i lose internet access to the internal PC's.

please advise

the wrench

yizhar · Nov 7, 2002

HI.

> ... cannot seem to get the PIX to do protection against Trojans, Nimda ...

The pix cannot do that.

You need to do such content filtering with another device/software .

Bye
Yizhar Hurwitz

http://come.to/yizhar

http://teachers.sivan.co.il/yizhar

gbiello · Nov 7, 2002

> ...When i try to tighten down the connection like i would in a NAT environment, i lose internet access to the internal PC's...

If you post your config we can possibly tell you where you've gone wrong.

-gbiello

thewrench · Nov 7, 2002

Thanks for the responses. It is fixed now. I was missing a protocol on my permit list before the implicit deny.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

PIX 515E NONAT

thewrench

IS-IT--Management

yizhar

MIS

gbiello

Technical User

thewrench

IS-IT--Management

Similar threads

Part and Inventory Search

Sponsor