I'm converting my conduit statements to acces-lists and I didn't want
to roll it out until some wiser people than myself had a chance to
take a look at it.
Old: conduit permit tcp host <Xchange server ip> eq smtp any
Old: conduit permit tcp host <Xchange server ip> eq pop3 any
New: access-list 1 permit tcp host <Xchange server ip> any eq smtp
New: access-list 1 permit tcp host <Xchange server ip> any eq pop3
There is also a "conduit permit tcp any eq www any" statement. I'm
wondering if I need this at all since we do not have a web server.
I'm not sure why this is in there.
Thanks for your time,
Harold Beck & Sons, Inc.
Re: PIX Access-Lists
You can kill the any www any if there is no Webserver.
But more importantly PLEASE rethink about posting in here about
LISTING your ACLs, and I'm guessing your using CISCO as your choice of
But what kills me the most is your using your COMPANIES EMAIL...
All we have to do is find what IPs you own, and that's not even HALF
OF THE HALF.