can anyone direct me on the best way to edit conduit and static list when
they get up to 150-200 entries????
-----Original Message-----
From: Allen May [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 21, 2001 10:33 AM
To: [EMAIL PROTECTED]
Subject: Re: Pix command confusion [7:9275]
Even better, start using access-list instead of conduit before it's phased
out.
static (inside,outside) 210.110.xx.xx 192.168.xx.xx netmask 255.255.255.255
access-list inbound_list permit tcp host 210.110.xx.xx any eq www
access-group inbound_list in interface outside
On your access-list inbound_list just put whatever protocol and port you
want to replace the tcp and www. access-group only needs to be bound once
per access-list name & then any changes are done to the interface when you
add another to the list.
The new PIX Firewall manuals available for download have step by step
instructions on converting your old conduits to access-list statements.
Hope that helps
Allen
----- Original Message -----
From: "Greg"
To:
Sent: Wednesday, June 20, 2001 7:17 PM
Subject: Pix command confusion [7:9275]
> I have a pix 520 running version 5.2. I have to let a vendor come in to do
> some work on a Unix box. I'm a little confused as to what commands I need
to
> execute to do this (Nat, static, and/or conduit). For example how do I get
> pix to show 197.168.xx.xx to 210.110.xx.xx? Any info would be appreciated.
> Thanks
> Greg
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.230 / Virus Database: 111 - Release Date: 1/25/01
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9325&t=9275
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
