Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 4 Feb 2005 10:16:31 +0300
From:      "Nickolay Kritsky" <>
To:        "Brett Glass" <>, <>
Subject:   RE: Does the Cisco PIX have an equivalent of the IPFW "fwd" action?
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help
Brett, I do not think that PIX has an equivalent of ipfw 'fwd' command. =
The fastest way, IMHO would be just set up your transparent web proxy as =
a default gateway for PIX. You can also try policy routing as described =
in this Usenet article: =

But I wouldn't try this if I were you. PIX is not IOS, and AFAIK it was =
not designed for complex network solutions. Firewall - yes. Filtering, =
security features, advanced VPN support - yes. But not routing tricks.
Hope that helps


-----Original Message-----
From: Brett Glass []
Sent: Friday, February 04, 2005 2:34 AM
Subject: Does the Cisco PIX have an equivalent of the IPFW "fwd" action?

I'm setting up a FreeBSD transparent Web proxy for a client which has an =
(vintage 1998) Cisco PIX firewall router. I know how to make the proxy =
packets forwarded to it (even though the destination IP addresses of =
packets will not be that of the proxy machine itself) and do transparent =
However, to complete the puzzle, I need to make the client's PIX =
firewall forward=20
outbound packets destined for port 80 (regardless of IP address) to the =
proxy. I=20
can't seen to find the magic incantation in Cisco's online docs. Does =
anyone here=20
know the Cisco equivalent of the IPFW "fwd" action, (which changes the =
"next hop"=20
MAC address of a packet if it meets the criteria specified in a rule) =
and how to=20
write a rule for the PIX to forward the packets? Help would be much =

--Brett Glass

_______________________________________________ mailing list
To unsubscribe, send any mail to ""

Want to link to this message? Use this URL: <>