Suppose I have a three legged PIX, and I want my web server on the DMZ to be accessible from the internet. So I publish it using the static(dmz, outside) command. Now my question is: without any further configuration, and using PIX
6.x, is the web server able to start an outside connection to the internet (if compromised for example)? Is the "nat-control" behaviour, which should be the default behaviour for version 6.x going to prevent it? What about PIX version 7 ? Do I have to enable "nat-control" to reach the same result?Many thanks to everybody who will clarify this point