The PIX firewall creates IP address-to-IP address mappings of traffic flowing through the firewall. Typically, the inside interface uses private addressing (RFC 1918) that cannot be used on the Internet. So, as the traffic is funneled out of the outside interface, NAT or PAT translation occurs. NAT replaces the source's private address with an available global public address on the outside interface, allowing traffic to travel on the public network while hiding the real (private) user IP address. |