Following on from my previous conversation market "NAT on ASA not working" I've got another question. I've got vpn clients that only need to access rdp to the servers, at least for now. Shoud I run static commands as follows:
static (inside,dmz) 10.50.50.0 10.50.50.0 netmask 255.255.255.0
Then have an access-list on the inside interface to only allow access to 3389
or should I run something like:
static (inside,dmz) tcp 10.50.50.0 3389 10.50.50.0 3389
What's the best way here? And why wouldn't you use the other option?