1) Am I best to have a WAN>DMZ CNAT rule and a DMZ>WAN CNAT rule to do the translation each way?
If the goal is to have clients to talks to Server, then you just need WAN>DMZ CNAT ( DST NAT) rule, as long as Clients initiate the session to servers, return traffic will be allowed .
On the other hand, if you have a need where SERVER can be a initiator of session to Clients, you need DMZ>WAN CNAT ( SRC NAT).
If you have a need for both cases, you need NAT in both directions: WAN>DMZ CNAT ( DST NAT) and DMZ>WAN CNAT ( SRC NAT).
2) Is there a difference in each way of doing this? why use a VIP over Central NAT rule for inbound traffic?
With out Central NAT, and using just VIP for inbound traffic, you will need multiple policies.
For example, if we have three servers : S1, S2, S3 in DMZ, all these servers have internal IP addresses 10.10.10.1, 10.10.10.2, 10.10.10.3, and external IP addresses 22.214.171.124, 126.96.36.199, 199.199.3.
We will need three security policies to allow the above flows from external to DMZ in case of VIP
On the other hand, if we are using Central NAT, we can use single security policy . So obvious reason is scale ability.