
PIX 525 outside Access-list ISSUE

soshomile
Level 1

Dear All,

I have a PIX 525. I have configured the PIX in such a way that all my Exchange, VPN, and any inbound traffic crosses the firewall. I also defined some conduits for smtp, imap, www, pop3, https. Now, when I tried to implement an access-list on the outside interface to allow RDP traffic using port 3389 to my internal server, it causes the conduit commands to stop and my Exchange traffic stops working. Here I need to know:

1. Can we implement more than 1 access-list on the outside interface?

2. Why do my conduits stop working when I implement an access-list on the outside interface?

3. If so, then how can I create a path to allow my desired incoming RDP traffic on port 3389?

Regards

Soshomile

2 Replies

mattiaseriksson
Level 3

Hi,

If the configuration contains conduits to allow inbound traffic to the internal servers, and then you apply an access list to the outside interface, this overrides all of the conduit statements.

You should use either access lists or conduits to permit inbound traffic into the internal networks, but do not use both.

1. No

2. See above.

3. You should convert your conduits into an access-list and apply that access-list to your outside interface.
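The conversion described in point 3, as an added example that is not part of the original reply and not a Cisco tool: a conduit names the destination (global address) before the source, while an access-list entry names the source first, so each statement has its two endpoints swapped. The function names, the ACL name `acl_outside`, all addresses (documentation ranges) and the RDP entry restricted to a single source host are assumptions made for illustration.

```python
# Added example: convert PIX conduit statements into one outside access list.
# Addresses are constructed (documentation ranges); the ACL name is an assumption.
PORT_OPS = {"eq": 2, "lt": 2, "gt": 2, "neq": 2, "range": 3}  # tokens each operator uses

def take_endpoint(tokens):
    """Consume 'any | host IP | IP MASK' plus an optional port clause."""
    if not tokens:
        raise ValueError("missing address")
    n = 1 if tokens[0] == "any" else 2
    if len(tokens) > n and tokens[n] in PORT_OPS:
        n += PORT_OPS[tokens[n]]
    if len(tokens) < n:
        raise ValueError("truncated address or port clause")
    return tokens[:n], tokens[n:]

def conduit_to_acl(line, acl="acl_outside"):
    tok = line.split()
    if len(tok) < 5 or tok[0] != "conduit" or tok[1] not in ("permit", "deny"):
        raise ValueError(f"not a conduit statement: {line!r}")
    action, proto = tok[1], tok[2]
    dest, rest = take_endpoint(tok[3:])  # conduit: global (destination) side first
    src, extra = take_endpoint(rest)     # then the foreign (source) side
    # access-list order is source, then destination; a trailing ICMP type stays last
    return " ".join(["access-list", acl, action, proto, *src, *dest, *extra])

def convert(config_lines, acl="acl_outside", extra_entries=()):
    """Return the ACL entries for every conduit line, extra entries, then the binding."""
    out = [conduit_to_acl(l, acl) for l in config_lines
           if l.strip().startswith("conduit ")]
    out += [f"access-list {acl} {entry}" for entry in extra_entries]
    # A single access-group binds the one list inbound on the outside interface
    out.append(f"access-group {acl} in interface outside")
    return out

# Constructed sample configuration lines
SAMPLE = [
    "conduit permit tcp host 192.0.2.10 eq smtp any",
    "conduit permit tcp host 192.0.2.10 eq https any",
    "conduit permit icmp any any echo-reply",
]
# Constructed RDP entry: one remote admin host to the internal server's mapped address
RDP = "permit tcp host 198.51.100.7 host 192.0.2.20 eq 3389"

if __name__ == "__main__":
    print("\n".join(convert(SAMPLE, extra_entries=[RDP])))
```

Because the RDP entry lives in the same list as the converted conduit rules, the mail and web traffic keeps flowing once the list is applied to the outside interface.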
