inline Wes Noonan, MCSE/MCT/CCNA/CCDA/NNCSS Senior QA Rep. BMC Software, Inc. (713) 918-2412 [EMAIL PROTECTED] http://www.bmc.com
-----Original Message----- From: kk downing [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 08:48 To: [EMAIL PROTECTED] Subject: NAT or PAT vs just STATIC Hello, For a mahine in a DMZ with a private IP address is it better to use NAT/PAT or just map it to a public IP via the static command and then provide a conduit? [Wes Noonan wrote:] Better is too subjective. It depends. Personally, I NAT them when I can, PAT them if I can't. Also correct me if I am wrong but isn't the only difference between NAT and PAT is in that in PAT you only specify one IP instead of network range? Am I missing something there? [Wes Noonan wrote:] NAT is a 1 to 1 mapping. PAT is a 1 to many mapping. Lastly in order for machines on my inside network to access machines on the DMZ do I need to specify a conduit from the publicIP my inside machines get NAT's to to the public IP my machine on the DMZ gets NAT'd to? [Wes Noonan wrote:] I don't understand this last sentence. You shouldn't need a conduit to go from a higher security interface to a lower security one. _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
