02-27-2003 11:58 AM - edited 02-20-2020 10:35 PM
I have pix 6.2 and I am not using nat for address translation, all i have nat for is :
nat (inside) 0 access-list 200
nat (inside) 0 0.0.0.0 0.0.0.0 0 0
nat (dmz:2) 0 0.0.0.0 0.0.0.0 0 0
and then i have the following statics configured:
static (inside,outside) LotusSrv LotusSrv netmask 255.255.255.255 0 0
static (inside,outside) mail-81 mail-81 netmask 255.255.255.255 0 0
static (inside,outside) bookstore bookstore netmask 255.255.255.255 0 0
static (inside,dmz:2) 204.142.81.0 204.142.81.0 netmask 255.255.255.0 0 0
static (dmz:2,outside) venus venus netmask 255.255.255.255 0 0
and a lot more...but not for all the hosts...
Obviuosly , I dont have any global command.
I just want to know that what purpose are these static commands serving, can i remove them and how do i decide that for which hosts do i need to configure static?
Solved! Go to Solution.
02-27-2003 12:50 PM
Statics expose ip addresses of high security interfaces for lower security ints. Once created, you can then use conduits or access lists to allow access from low ints to high sec. ints. So yes, you need to keep all of those if they are offering services to the outside world.
Matt
02-27-2003 12:50 PM
Statics expose ip addresses of high security interfaces for lower security ints. Once created, you can then use conduits or access lists to allow access from low ints to high sec. ints. So yes, you need to keep all of those if they are offering services to the outside world.
Matt
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide