I recently inherited responsibility for a Pix - version 6.2(2). It's configured with conduits and I'm thinking about changing them all to access lists a litte bit down the line, after I do the research and really learn what I'm doing. The reason being access lists seem easier to organize, read and understand and also to stay current. So far, the only advice I've read is to not "mix access lists and conduits." But I'm assuming that means to not have lists and conduits overlapping, where some servers are protected by both. What I'd like to do is gradually convert conduits to access lists which would mean I'd have both for a little while, but I'd be careful to not have them overlap and have each server either have conduits OR access lists, but not both. If anyone has opinions on why this is a good or bad idea and any kind of recommendations on the proper way to go about it, I'd appreciate the input. If the whole idea is wrong headed and I should leave it all with conduits, that'd be useful info also - it just seems like a good idea to go with access lists. thanks. -Aaron
Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66386&t=66386 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
