07-15-2004 06:57 AM - edited 03-09-2019 08:04 AM
Is there any difference between using the alias command in its destination NAT form, vs. using the static command in its inbound NAT form? Just a personal preference, but I find using the static command a little easier, but I want to make sure I'm not causing any security issues.
07-15-2004 09:39 AM
I assume you are referring to bi-directional NAT (or destination NAT) when you say "using the static command in its inbound NAT form". As in "static (dmz, inside) 10.1.1.1 2.2.2.2" - note the interfaces are reversed (low,high) from what you normally do (high,low). If this is what you are referring to, then there is no difference between destination NAT via a static and destination NAT via the alias command. As a matter of fact, the alias command is being removed from the PIX code moving forward so using the static way is the recommended way to accplish destination NAT moving forward.
Scott
07-15-2004 09:53 AM
Yep. What you described is what I meant. Thanks for the response.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide