I'm creating statics like:
static (dmz,outside) public dmz mask
I thought I would just open the ports in the acl, but I know I can do something like:
static (dmz,outside) public ip 80 dmz ip 80 netmask
Is this the "better" way of doing it, or does it really matter?
Others may differ but i only use ports in the static statement when i am doing port forwarding ie. using the same public IP to forward to multiple private IP addresses on different ports.
Otherwise i just use a static and tie down the access with acl entries. NAT should not really be relied upon for security.