Static (inside,dmz) same ip addresses for both of them

zillah

While i was googling I found the link below :
http://www.ingate.com/files/Engineering_Note_Ingate_SIParator_with_Cisco_Pix_en-A.pdf

What got me confused is this quote from the link above

Static (inside,dmz) 10.1.0.0 10.1.0.0 netmask 255.255.248.0 0 0
static (dmz,inside) 31.32.33.1 31.32.33.1 netmask 255.255.255.255 0 0
static (dmz,outside) 31.32.33.1 31.32.33.1 netmask 255.255.255.255 0 0
static (outside,dmz) 64.63.62.0 64.63.62.0 netmask 255.255.248.0 0 0

Why are the ip addresses same ?

forbesl

zillah wrote:

While i was googling I found the link below :
http://www.ingate.com/files/Engineering_Note_Ingate_SIParator_with_Cisco_Pix_en-A.pdf

What got me confused is this quote from the link above

Static (inside,dmz) 10.1.0.0 10.1.0.0 netmask 255.255.248.0 0 0
static (dmz,inside) 31.32.33.1 31.32.33.1 netmask 255.255.255.255 0 0
static (dmz,outside) 31.32.33.1 31.32.33.1 netmask 255.255.255.255 0 0
static (outside,dmz) 64.63.62.0 64.63.62.0 netmask 255.255.248.0 0 0

What are the ip addresses same ?

The IP addresses are the same because they want them to appear the same on the other interface also.

EX: static (dmz,outside) 31.32.33.1 31.32.33.1 netmask 255.255.255.255 0 0

31.32.33.1 from the DMZ will also be 31.32.33.1 on the outside.

The PIX expects a translation. If you don't want to translate, you have to tell it NOT to translate. With the statements above, you are not doing any translation from interface to interface. The NAT 0 command also tells the PIX not to translate.