Cisco has supersede conduit with access-list command. You can still use conduit, but access-list is highly recommended. Access-list will be processed first before conduit command.
Additionally, access-list is more flexible control of connections in either direction. It allows for filtering based upon source and destination addressing and ports and are applied individually to each interface allowing for much more granular and secure control of connections passing through the PIX
In PIX software versions 5.0.1 and later, ACLs with access groups can be used instead of conduits. Conduits are still available, but the decision should be made whether to use conduits or ACLs. It is not advisable to combine ACLs and conduits on the same configuration. If both are configured, ACLs take preference over the conduits.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...