Carroll, Thanks for the reply. I'm using conduits now, but will switch to access lists in the future. (I'd like to fully understand the configuration I inherited before I start making changes) Are implicit denys inserted behind each conduit as well?
""Carroll Kong"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Implicit denys behind every access-list are inserted. Are you > mixing conduits and access-lists? You really should not. Use ALL conduits > or ALL access-lists. If both are used, conduits take priority and override > your access-lists. Access-lists are first match, conduits are any match. > > At 09:24 AM 11/19/01 -0500, Steve Alston wrote: > >Does the PIX 506 require an explicit deny statement after setting up a > >permit conduit or access list. > > > >I appear to be receiving more traffic (e.g. NTP) than my conduit statements > >allow. > > > >Thanks much, > >Steve > -Carroll Kong Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26700&t=26684 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
