Jon Marshall Thu, 08/30/2007 - 06:08
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


Conduits have been replace by access-lists on the pix. You still need NAT etc. but you allow access by creating access-lists and applying them to interfaces eg

access-list outside_in permit tcp any host eq www

access-list outside_in permit tcp any host eq https

access-group outside_in interface outside

This would allow http from outside of your pix through to and https traffic from outside to



jeremyault Thu, 08/30/2007 - 06:48
User Badges:

I have the Cisco Press Study guide for the SNPA exam 642-522 which has an entire section on ACLs on PIX.

I believe there is also a tool on the Cisco website that will convert configurations with conduits to ACLs to save some work.

You can still do Conduits if you want (the PIX will support them) - however, it is recommended that you do not use Conduits if you're using ACLs because ACLs will take precidence over conduits.

sateeshk10 Tue, 09/02/2008 - 08:02
User Badges:


I have a suituation that i need to convert all my conduit to ACL..will abv mention tool is ok..




This Discussion