11-15-2002 10:34 AM - edited 03-09-2019 01:05 AM
Hi,
I am new with Pix and I would like to enable SSL port 443 on my mail server using conduit command
Thanks in advance
11-15-2002 11:28 AM
I would suggest you go with access-lists, especially if this is a new install. If it's not, look into migrating to acls. Either way it will have to work with the static command.
eg.
access-list 101 permit tcp any host x.x.x.x eq 443 (where x.x.x.x is the IP of the server)
access-group 101 in interface outside
or
conduit permit tcp host x.x.x.x eq 443 any
Hope it helps.
Steve
11-15-2002 12:16 PM
Thanks for your prompt reply.
Its not a new install and we will need to migrate to access-list soon.
One more thing--
conduit permit tcp host x.x.x.x. eq https any
will the above static command also work??
Thanks
11-15-2002 12:31 PM
The conduit statement is good but you will need a static as well:
eg
static (inside,outside) 200.200.200.200 10.1.0.1 netmask 255.255.255.255 0 0
static (inside,outside) 200.200.200.201 10.1.0.2 netmask 255.255.255.255 0 0
conduit permit tcp host 200.200.200.200 eq https any
conduit permit tcp host 200.200.200.201 eq https any
(where 200.200.200.x is the public IP and 10.1.0.x is your internal LAN).
Steve
11-15-2002 01:19 PM
Thanks for your explanation, that is all I was confused at!!
I wish to find experts like you all othr forums.
All the best to you!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: