I've got a situation where I've got a Qwest PRN (Private VPN) network with several sites with addresses 192.168.0.1, 192.168.1.0 and 192.168.2.0. Currently we have a managed firewall solution provided by Qwest but need to replace this with a Cisco Pix for a couple of different reasons. Qwest can turn off NAT and open all ports on their firewall. My issue is that I've always dealt with Pix firewalls when the WAN is on the inside of the Pix. In this scenario, the two other locations will be on the outside of the Pix. How do I allow for this WAN traffic? Do I simply allow all ports for network192.168.1.0 and 192.168.2.0 in an access list on the Pix?
Thanks for any help, Max