Static NAT, a bit confused

Hi guys,

I am testing an HA PIX 515 with 3 network interfaces. I've done a small diagram that can be seen there -

formatting link
On the diagram, 3 servers. One is located on the external network in a zone having "0" security, another server is located behing an interface named intf2 having security 40 on it. And finally, I have a third server in the inside network (security 100)

I have to write down an access-list to allow ANY ANY between all those networks attached to the PIX.

But, firstly, I need to static nat the networks.

networks having a bigger "security" need to be "nated on itself" to get to another smaller security level, is that the right way of thinkig it?

By then, I should write this

static (intf2,external) 192.168.30.0 192.168.30.0 netmask 255.255.255.0 static (intf2,inside) 192.168.30.0 192.168.30.0 netmask 255.255.255.0 static (inside,external) 192.168.10.0 192.168.10.0 netmask 255.255.255.0

Is that correct?

Thank you to highlight a bit my way,

/edgar

Reply to
"Edgar® du
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.