
Access-list implementation issues

soshomile
Level 1

Dear All;

I have a PIX 525. I have configured the PIX in such a way that all my Exchange, VPN, and any inbound traffic would cross the firewall. I also defined some conduits for smtp, imap, www, pop3, https. Now when I tried to implement an access-list on the outside interface to allow RDP traffic using port 3389 to my internal server, it caused the conduit commands to stop and my Exchange traffic stopped working. Here I need to know:

1. Can we implement more than 1 access-list on the outside interface?

2. Why did my conduit stop working when I implemented an access-list on the outside interface?

3. If so, then how can I create a path to allow my desired incoming RDP traffic on port 3389?

Regards

Soshomile


zulqurnain
Level 3

Hi,

1. You should not be able to apply two different access-lists on the same interface.

2. Conduits are like access-lists or vice versa. In older versions conduit was used; from 6.3 access-list is recommended, and most likely that's the reason your conduit stopped working when you applied your access-list with conduit. You should stick to one and create an access-list to allow traffic.

3. static (inside, outside) tcp 3389 3389 netmask 255.255.255.255

access-list acl_out permit tcp any host eq 3389
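
An added example, not part of the thread or of either poster's configuration: because an interface takes a single access-list and the advice above is to stop mixing it with conduits, this Python script rewrites existing conduit statements as entries in that one list, alongside the new RDP rule. The conduit form names the global (destination) side first, while the access-list form names the source first, so the two halves swap. The `192.0.2.x` addresses, the sample conduits and the function names are constructed for illustration; `acl_out` is the list name used in the answer.

```python
# Added example: rewrite PIX conduit statements as access-list entries.
# All addresses are constructed documentation values (192.0.2.0/24).
PORT_OPS = {"eq": 1, "lt": 1, "gt": 1, "neq": 1, "range": 2}

def take_address(tokens):
    """Consume 'any', 'host <ip>' or '<ip> <mask>'."""
    if not tokens:
        raise ValueError("address missing")
    if tokens[0] == "any":
        return ["any"], tokens[1:]
    if len(tokens) < 2:
        raise ValueError("incomplete address")
    return tokens[:2], tokens[2:]

def take_port(tokens):
    """Consume an optional port operator with its argument(s)."""
    if tokens and tokens[0] in PORT_OPS:
        n = 1 + PORT_OPS[tokens[0]]
        return tokens[:n], tokens[n:]
    return [], tokens

def conduit_to_acl(line, acl_name="acl_out"):
    tokens = line.split()
    if len(tokens) < 3 or tokens[0] != "conduit" or tokens[1] not in ("permit", "deny"):
        raise ValueError(f"not a conduit statement: {line!r}")
    action, proto, rest = tokens[1], tokens[2], tokens[3:]
    # conduit lists the global (destination) side first, then the foreign (source) side
    dst, rest = take_address(rest)
    dst_port, rest = take_port(rest)
    src, rest = take_address(rest)
    src_port, rest = take_port(rest)
    if rest:  # e.g. ICMP type arguments, which this example does not handle
        raise ValueError(f"unsupported trailing tokens: {rest}")
    # access-list lists the source first, then the destination
    return " ".join(["access-list", acl_name, action, proto] + src + src_port + dst + dst_port)

def migrate(config_text, extra_entries=(), acl_name="acl_out", interface="outside"):
    """Return one ACL covering every conduit plus new rules, bound to the interface."""
    lines = [conduit_to_acl(l, acl_name) for l in config_text.splitlines()
             if l.strip().startswith("conduit ")]
    return lines + list(extra_entries) + [f"access-group {acl_name} in interface {interface}"]

SAMPLE = """\
conduit permit tcp host 192.0.2.10 eq smtp any
conduit permit tcp host 192.0.2.10 eq 443 any
"""
RDP_RULE = "access-list acl_out permit tcp any host 192.0.2.20 eq 3389"

if __name__ == "__main__":
    print("\n".join(migrate(SAMPLE, [RDP_RULE])))
```

Once the access-group is bound, traffic that matches no entry falls to the list's implicit deny, so every service the conduits used to open needs its own entry in the list.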

Thank you Zulkarnain;

Sorry, I didn't see your message.

I will implement it and let you know.

Could you please give me your MSN ID?

Regards

Soshomile
