Actually the syntax on the conduit is a little off.. should be:
conduit permit tcp <DA> <D Mask> <SA> <S Mask> eq <type>
conduit permit tcp host 192.168.1.222 any eq www
. although with 5.0 of the PIX IOS, they want you to use Access-lists
instead of conduit statments.. so your config would look like:
static (inside,outside) a.b.c.d 192.168.1.222 netmask 255.255.255.255 0 0
static (inside,outside) a.b.c.d 192.168.1.223 netmask 255.255.255.255 0 0
access-list acl_in permit tcp any host 192.168.1.222 eq www
access-list acl_in permit tcp any host 192.168.1.223 eq smtp
access-group acl_in in interface outside
Hope that helps
Russ..
""Richard Tran"" <[EMAIL PROTECTED]> wrote in message
8mtf4l$vp7$[EMAIL PROTECTED]">news:8mtf4l$vp7$[EMAIL PROTECTED]...
> We have an ip address(a.b.c.d) registered with an internet domain name.
This
> domain is served both as our email and website domain. We have one
internal
> web(192.168.1.222) and one internal mail server(192.168.1.223). I have a
> question about the pix configuration below.
>
> static (inside,outside) a.b.c.d 192.168.1.222 netmask 255.255.255.255 0 0
> static (inside,outside) a.b.c.d 192.168.1.223 netmask 255.255.255.255 0 0
> conduit permit tcp host a.b.c.d eq www any
> conduit permit tcp host a.b.c.d eq smtp any
>
> Is this the right configuration for the pix to redirect the appropriate
> traffic to the internal servers?
>
> Any response is greatly appreciated.
>
>
>
> ___________________________________
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
