I have a PIX ASA FW. To make auditors happy, I plan to insert it onto the egress between my (internal-switch) and someone else's (external-router called R2).
The inside switch will be transparent (No IP). The Inside interface of the FW will be the GW for the hosts. The outside interface of the FW will connect to R2.
My question is: Does someone have a really lame ASA config I could add onto this device so that: A: There is a GW IP on the ASA, pingable from the inside hosts. B: NO NAT. (So both sides can initiate a session)
and still keep the required: outside security0, inside security100.
I'll worry about access lists later. Thanks, crzzy1