Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Welcome to the Firewalling Discussion

Welcome to the Cisco Networking Professionals Connection Security Forum. This conversation will provide you the opportunity to discuss issues surrounding firewalling. We encourage everyone to share their knowledge and start conversations on issues such as perimeter security, data privacy, identity and any other topic concerning firewalling.

Remember, just like in the workplace, be courteous to your fellow forum participants. Please refrain from using disparaging or obscene language or posting advertisements.

We encourage you to tell your fellow networking professionals about the site.

If you would like us to send them a personal invitation simply send their names and e-mail addresses along with your name to us at np-moderator@external.cisco.com.

  • Other Security Subjects
2 REPLIES
New Member

Re: Welcome to the Firewalling Discussion

As with some others of you, I have just finished migrating to 5.3 on my PIXs. The manual seems to be pretty clear that the access-list/group commands are replacing the conduit method, so I went ahead and changed all my conduits also. In the process, however, as one of you mentioned, I found out you can have either conduits or access lists, but not both. I had intended to gradually replace my conduits, only to find that when I put my first access list in place the rest of the conduits stopped working. Oh, well, the price of progress, right?

New Member

Re: Welcome to the Firewalling Discussion

Are there a better way to protect 192.168.1.1 ?

static (dmz2, dmz1) 10.1.1.1 192.168.1.1 netask 255.255.255.255

access-list acl_dmz1 permit tcp 10.1.1.0 255.255.255.0 host 10.1.1.1

access-group acl_dmz1 in interface dmz1

BTW, how to start a conversation? I stuck at the usr/pw loop.

118
Views
0
Helpful
2
Replies
This widget could not be displayed.