Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
317
Views
0
Helpful
2
Replies

alias dnat vs. static inbound NAT - Any difference?

tbissett
Level 1
Level 1

‎07-15-2004 06:57 AM - edited ‎03-09-2019 08:04 AM

Is there any difference between using the alias command in its destination NAT form, vs. using the static command in its inbound NAT form? Just a personal preference, but I find using the static command a little easier, but I want to make sure I'm not causing any security issues.

Labels:
0 Helpful
2 Replies 2

scoclayton
Level 7
Level 7

‎07-15-2004 09:39 AM

I assume you are referring to bi-directional NAT (or destination NAT) when you say "using the static command in its inbound NAT form". As in "static (dmz, inside) 10.1.1.1 2.2.2.2" - note the interfaces are reversed (low,high) from what you normally do (high,low). If this is what you are referring to, then there is no difference between destination NAT via a static and destination NAT via the alias command. As a matter of fact, the alias command is being removed from the PIX code moving forward so using the static way is the recommended way to accplish destination NAT moving forward.

Scott

0 Helpful

tbissett
Level 1
Level 1
In response to scoclayton

‎07-15-2004 09:53 AM

Yep. What you described is what I meant. Thanks for the response.

0 Helpful
Customers Also Viewed These Support Documents