Chapter 2
Scenario: DMZ Configuration
Configuring the Security Appliance for a DMZ Deployment
Creating IP Pools for Network Address Translation
The security appliance uses Network Address Translation (NAT) and Port
Address Translation (PAT) to prevent internal IP addresses from being exposed
externally. This procedure describes how to create a pool of IP addresses that the
DMZ interface and outside interface can use for address translation.
A single IP pool can contain both NAT and PAT entries, and it can contain entries
for more than one interface.
PIX 515E Security Appliance Getting Started Guide
2-7
78-17645-01