alias vs. static command

mjsully · ‎02-26-2004

Could someone provide a clear distinction between when you would use an alias command vs. a static? Aside from dns docotoring, I am speaking more of destination NAT and why you would use the alias command when you could use the static instead?

nkhawaja · ‎02-26-2004

hi,

alias command has not been supported any more. PDM and other managers of PIX , doesnt support this command. So you better need to use static (with DNS keyworkd)

shannong · ‎02-27-2004

[static] is used to create a permanent translation entry. In other words, it creates a static NAT entry.

The [alias] command is used to provide DNS doctoring. When used, the Pix will substitute the pre-NAT address in a DNS reply for a host that has a corresponding [static] entry. As mentioned, the functionality of the [alias] command has been superceeded by the "dns" keyword for the [static] command. While the Pix still supports the [alias] command, the PDM and PIX MC does not.

aemr · ‎03-06-2004

The DNS option to the static command is not defined in the 6.33 command reference or 6.3 configuration guide. Can you tell assist with the proper sytax please.

I would like to doctor dns replies inbound from the DNS server on outside interface to the client resolver on the dmz interface. The inbound reply before doctoring is 24.24.24.24 after doctoring would be 10.10.10.10.

shannong · ‎03-08-2004

The use of the "dns" keyword is in the 6.3(3) command reference. It's also available in the CLI help. However, you would use it with the static statement for the addresses given using:

static (inside,outside) 24.24.24.24 10.10.10.10 dns netmask 255.255.255.255

This will provide DNS doctoring for hosts on the inside who access that IP address if the DNS servers that serve the domain in question are located on the outside interface of the Pix.