Can someone please tell me the difference between these two configurations? As far as I am concerned, they accomplish the same thing, but one of them requires more work in creating additional (unneeded) objects. Am I wrong? Do you only use the static PAT configuration when you are altering source/destination ports?

object network OBJ-CITRIX5

host 10.208.10.15

nat (inside,outside) static XXX.XXX.XXX.XXX

object network OBJ-CITRIX6

host 10.208.10.16

nat (inside,outside) static YYY.YYY.YYY.YYY

object-group network OBJ-CITRIX-SERVERS

network host 10.208.10.15

network host 10.208.10.16

object-group service OBJ-CITRIX-PORTS-TCP tcp

port-object eq 3389

port-object eq 1494

object-group service OBJ-CITRIX-PORTS-UDP udp

port-object eq 1604

access-list ACL-OUTSIDE extended permit tcp any object-group OBJ-CITRIX-SERVERS object-group OBJ-CITRIX-PORTS-TCP

access-list ACL-OUTSIDE extended permit udp any object-group OBJ-CITRIX-SERVERS object-group OBJ-CITRIX-PORTS-UDP

access-group ACL-OUTSIDE in interface outside

---VS---

object network OBJ-CITRIX5-3389

host 10.208.10.15

nat (inside,outside) static XXX.XXX.XXX.XXX service tcp 3389 3389

object network OBJ-CITRIX5-1494

host 10.208.10.15

nat (inside,outside) static XXX.XXX.XXX.XXX service tcp 1494 1494

object network OBJ-CITRIX5-1604

host 10.208.10.15

nat (inside,outside) static XXX.XXX.XXX.XXX service udp 1604 1604

object network OBJ-CITRIX6-3389

host 10.208.10.16

nat (inside,outside) static YYY.YYY.YYY.YYY service tcp 3389 3389

object network OBJ-CITRIX6-1494

host 10.208.10.16

nat (inside,outside) static YYY.YYY.YYY.YYY service tcp 1494 1494

object network OBJ-CITRIX6-1604

host 10.208.10.16

nat (inside,outside) static YYY.YYY.YYY.YYY service udp 1604 1604

object-group service OBJ-CITRIX-PORTS-TCP tcp

port-object eq 3389

port-object eq 1494

object-group service OBJ-CITRIX-PORTS-UDP udp

port-object eq 1604

access-list ACL-OUTSIDE extended permit tcp any object-group OBJ-CITRIX-SERVERS object-group OBJ-CITRIX-PORTS-TCP

access-list ACL-OUTSIDE extended permit udp any object-group OBJ-CITRIX-SERVERS object-group OBJ-CITRIX-PORTS-UDP

access-group ACL-OUTSIDE in interface outside