From: Scott Morris (swm@emanon.com)
Date: Fri Oct 01 2004 - 20:38:29 GMT-3
Well, if we break the command down, it would simply appear that one is for
the entire IP (all ports) while the other is simple for the tcp port 80.
Your best practice will depend entirely on your network architecture and a
few other things we aren't privvy to!
Both work well, and if both suffice for your needs, then pick a nice coin
and flip it! :)
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, CISSP,
JNCIP, et al.
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
swm@emanon.com/smorris@ipexpert.net
http://www.ipexpert.net
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Collin Clark
Sent: Friday, October 01, 2004 3:14 PM
To: ccielab@groupstudy.com
Subject: pix static command(s)
What is the functionality difference between these two commands? Is one
suggested over the other (best practices)?
static (inside,outside) 1.1.1.1 192.168.1.5
static (inside,outside) tcp 1.1.1.1 www 192.168.1.5 www netmask
255.255.255.255
This archive was generated by hypermail 2.1.4 : Sat Nov 06 2004 - 17:11:42 GMT-3