Jon Marshall Thu, 08/30/2007 - 06:08
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Conduits have been replace by access-lists on the pix. You still need NAT etc. but you allow access by creating access-lists and applying them to interfaces eg


access-list outside_in permit tcp any host 194.32.5.1 eq www

access-list outside_in permit tcp any host 194.32.5.2 eq https


access-group outside_in interface outside


This would allow http from outside of your pix through to 194.32.5.1 and https traffic from outside to 194.32.5.2.


HTH


Jon

jeremyault Thu, 08/30/2007 - 06:48
User Badges:

I have the Cisco Press Study guide for the SNPA exam 642-522 which has an entire section on ACLs on PIX.


I believe there is also a tool on the Cisco website that will convert configurations with conduits to ACLs to save some work.


You can still do Conduits if you want (the PIX will support them) - however, it is recommended that you do not use Conduits if you're using ACLs because ACLs will take precidence over conduits.

sateeshk10 Tue, 09/02/2008 - 08:02
User Badges:

Hi,


I have a suituation that i need to convert all my conduit to ACL..will abv mention tool is ok..


Regards

satesh

Actions

This Discussion