Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
168
Views
4
Helpful
1
Replies

Using statics for access

r-remien
Beginner
Beginner

‎09-22-2002 04:45 PM - edited ‎03-09-2019 12:25 AM

I know that the static statement is used to access a higher security level interface from a lower security interface. Also, if you want to disable NAT you use the formula static (high,low) high high. I have used the same formula with the static command in accessing my dmz from the inside (going from higher to lower). Although, in Pix software verison 6.2 it says you need to use nat and global commands to go from higher to lower. There is also an example of this in the following link - http://www.cisco.com/warp/public/110/mailserver_dmz.html. Anyway, are both ways OK to use? Or is one better/more secure than the other?

Thanks,

RJ

Labels:
0 Helpful
1 Reply 1

steve.barlow
Rising star
Rising star

‎09-23-2002 09:48 AM

Statics are for low to high and nat is used for high to low. You should follow this rule. Even is you disable NAT, you use static as it is still low going to high. Static from high to low isn't required as by default high has access to low (with nat command).

Hope it helps.

Steve

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents