Firewalls: Re: PIX not first NAT

Firewalls
(July 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: PIX not first NAT
From:	peter @ baileynm . com (Peter da Silva)
Date:	Mon, 28 Jul 1997 21:48:02 -0500 (CDT)
To:	tomg @ cisco . com (Tom Guerrette)
Cc:	mcr @ sandelman . ottawa . on . ca, firewalls @ GreatCircle . COM
In-reply-to:	<3 . 0 . 32 . 19970728183228 . 0073b48c @ lint . cisco . com> from "Tom Guerrette" at Jul 28, 97 06:39:11 pm

> Nat is ip to ip address translation.  Most proxies do Port Address
> Translation (port mapping). The Cisco PIX has been shipping for over 2 1/2
> years.

Translation: "Instead of acknowledging that other NAT technologies were
already available I'm going to redefine NAT to only mean IP-level NAT,
even though this list is full of people smart enough to recognise I'm
blowing marketing smoke."

The PIX solution is certainly convenient, but it's not the only way to
do things, and some people might want to use proxies rather than an
address rewriting filter for the same reason that some people use
proxies even when NAT isn't a requirement.

There are plusses and minuses to both kinds of technology, but there's
no benefit to playing name games.

Follow-Ups:

Re: PIX not first NAT
From: Darren Reed <avalon @ coombs . anu . edu . au>

References:

Re: PIX not first NAT
From: Tom Guerrette <tomg @ cisco . com>

Indexed By Date	Previous:	(related, but off-topic) Networking Profession... From: ubik <ubik @ pdnt . com>
Indexed By Date	Next:	Re: Java/Virus/Whatever From: Joe Klemmer <klemmerj @ webtrek . com>
Indexed By Thread	Previous:	Re: PIX not first NAT From: Tom Guerrette <tomg @ cisco . com>
Indexed By Thread	Next:	Re: PIX not first NAT From: Darren Reed <avalon @ coombs . anu . edu . au>