03-27-2009 02:16 PM - edited 03-11-2019 08:11 AM
I'm creating statics like:
static (dmz,outside) public dmz mask
I thought I would just open the ports in the acl, but I know I can do something like:
static (dmz,outside) public ip 80 dmz ip 80 netmask
Is this the "better" way of doing it, or does it really matter?
Thanks,
John
Solved! Go to Solution.
03-27-2009 02:23 PM
John
Others may differ but i only use ports in the static statement when i am doing port forwarding ie. using the same public IP to forward to multiple private IP addresses on different ports.
Otherwise i just use a static and tie down the access with acl entries. NAT should not really be relied upon for security.
Jon
03-27-2009 02:23 PM
John
Others may differ but i only use ports in the static statement when i am doing port forwarding ie. using the same public IP to forward to multiple private IP addresses on different ports.
Otherwise i just use a static and tie down the access with acl entries. NAT should not really be relied upon for security.
Jon
03-27-2009 02:25 PM
Okay, that's what I'm doing. I have a single public address that's forwarding on different ports to different hosts (some in dmz and some on the inside). I've had to use port translation on those.
Thanks Jon!
John
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: