06-22-2006 03:52 AM - edited 03-03-2019 03:46 AM
Hi all
can anyone please tell me what is the best or most used way of natting a server to be used on the internet etc, would you use a static nat and just use an access list to control port number access to the server, or would you just nat the ip and port number of the server, ie port forwarding ?
cheers
Carlos
06-22-2006 04:45 AM
Hi
According to me the usage depends on how much is your need for that IP.It is always advisable to enable NAT b'coz of security reasons.
Case I(Port Forwarding) :- I have only one IP and got 3 servers(http,ftp and mail), I will definately use port forwarding because of restriction.
Case II(1-1 binding):-As already mentioned, I have 3 servers and a whole bunch of IP pool to spare,I will definately bind one IP for each server and couple of ACLs will do the needfull.
I will not deny that the above defination is very crude in comparision to the foroum it has been posted in, but still thats my way of explaining it :)
Regards
JD
06-22-2006 04:51 AM
Hi
If you are more concerned on the security front then better place a PIX in front of the firewall and open the required port on that.
Or else you can do a static translations in which you can map the ports required for the services.(in other words on the ports where you want to run the application)..
regds
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide