Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Conduit to access list conversion

I am going to be converting from conduits to ACLs because I understand that is the recommended thing to do. Is the following true.....

conduit permit tcp host uknotes eq www any

conduit permit tcp host uknotes eq 443 any

conduit permit tcp host uknotes eq 1352 any

can be replaced with.....

access-list 101 permit tcp any host uknotes eq www

access-list 101 permit tcp any host uknotes eq 443

access-list 101 permit tcp any host uknotes eq 1352

access-group 101 in interface outside

This is to block all access to our Lotus Notes server except for http, https and Notes E-Mail.

Thanks very much,

Rich.

2 REPLIES
New Member

Re: Conduit to access list conversion

Those access-lists should do the trick.

If you are worried about the conversion, use the outputinterpreter -

https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl

Paste in your pix config and it will evaluate it. It will also give you a list of access-list statements to replace any conduit statemenst you have.

~rls

New Member

Re: Conduit to access list conversion

Thanks very much for your help

104
Views
0
Helpful
2
Replies
CreatePlease login to create content