Cisco Support Community

PIX 525 outside Access-list ISSUE

Dear All;

I have a PIX 525. I have configured the PIX in such a way that all my Exchange, VPN, and any inbound traffic crosses the firewall. I also defined some conduits for smtp, imap, www, pop3, https. Now, when I tried to implement an access-list on the outside interface to allow RDP traffic on port 3389 to my internal server, it caused the conduit commands to stop working and my Exchange traffic stopped working. Here I need to know:

1. Can we implement more than 1 access-list on outside interfaces?

2. Why did my conduits stop working when I implemented an access-list on the outside interface?

3. If so, then how can I create a path to allow my desired incoming RDP traffic on port 3389?

Regards

Soshomile

2 REPLIES

Re: PIX 525 outside Access-list ISSUE

Hi,

If the configuration contains conduits to allow inbound traffic to the internal servers, and then you apply an access list to the outside interface, this overrides all of the conduit statements.

You should use either access lists or conduits to permit inbound traffic into the internal networks, but do not use both.

1. No

2. See above.

3. You should convert your conduits into an access-list and apply that access-list to your outside interface.
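
The conversion described in the reply above, sketched as an added example that is not part of the original thread: a small Python script that rewrites `conduit` lines as entries of a single access list, appends the RDP rule, and binds the list to the outside interface. The addresses (192.0.2.x), the ACL name `acl_outside` and the function names are constructed for illustration, and only tcp/udp/ip conduits are handled.

```python
# Added example: rewrite PIX "conduit" lines as entries of one outside ACL.
PORT_OPS = {"eq", "lt", "gt", "neq", "range"}

def _take(tok, n):
    """Remove and return the first n tokens, or fail on a truncated line."""
    if len(tok) < n:
        raise ValueError("truncated conduit statement")
    spec = tok[:n]
    del tok[:n]
    return spec

def _addr(tok):
    """Address spec: 'any' (1 token), 'host A' or 'A MASK' (2 tokens)."""
    return _take(tok, 1 if tok[:1] == ["any"] else 2)

def _port(tok):
    """Optional port spec: 'eq P', 'lt P', 'gt P', 'neq P', 'range P1 P2'."""
    if tok and tok[0] in PORT_OPS:
        return _take(tok, 3 if tok[0] == "range" else 2)
    return []

def conduit_to_acl(line, acl_id="acl_outside"):
    """conduit lists the destination (global) first; an ACL lists the source first."""
    tok = line.split()
    if len(tok) < 5 or tok[0] != "conduit" or tok[1] not in ("permit", "deny"):
        raise ValueError("not a conduit statement: %r" % line)
    action, proto, rest = tok[1], tok[2], tok[3:]
    if proto not in ("tcp", "udp", "ip"):
        raise ValueError("protocol not handled by this example: " + proto)
    dst = _addr(rest) + _port(rest)   # global_ip [operator port]
    src = _addr(rest) + _port(rest)   # foreign_ip [operator port]
    if rest:
        raise ValueError("unexpected trailing tokens: %r" % rest)
    return " ".join(["access-list", acl_id, action, proto] + src + dst)

def build_outside_acl(config, extra_rules=(), acl_id="acl_outside"):
    """Convert every conduit line, append new rules, bind the ACL once."""
    lines = [conduit_to_acl(l, acl_id) for l in config.splitlines()
             if l.strip().startswith("conduit ")]
    lines += list(extra_rules)
    lines.append("access-group %s in interface outside" % acl_id)
    return lines

# Constructed sample input (documentation addresses, not from the thread).
SAMPLE_CONFIG = """conduit permit tcp host 192.0.2.10 eq smtp any
conduit permit tcp host 192.0.2.10 eq www any
conduit permit tcp host 192.0.2.10 eq 443 any"""
RDP_RULE = "access-list acl_outside permit tcp any host 192.0.2.20 eq 3389"

if __name__ == "__main__":
    print("\n".join(build_outside_acl(SAMPLE_CONFIG, [RDP_RULE])))
```

A conduit names the destination (global) address first and the source second, while an access-list entry names the source first, which is why the two halves are swapped. An inbound ACL entry only helps a host that has a translation (typically a `static`), so the RDP server needs one too.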
