PIX Access-Lists - Network



Thread: PIX Access-Lists

  1. PIX Access-Lists

    I'm converting my conduit statements to access-lists and I didn't want
    to roll it out until some wiser people than myself had a chance to
    take a look at it.

    Old: conduit permit tcp host eq smtp any
    Old: conduit permit tcp host eq pop3 any

    New: access-list 1 permit tcp host any eq smtp
    New: access-list 1 permit tcp host any eq pop3

    There is also a "conduit permit tcp any eq www any" statement. I'm
    wondering if I need this at all since we do not have a web server.
    I'm not sure why this is in there.

    Thanks for your time,

    Bill Short
    Harold Beck & Sons, Inc.
    Newtown, PA

  2. Re: PIX Access-Lists

    You can kill the any www any if there is no Webserver.

    But more importantly PLEASE rethink about posting in here about
    LISTING your ACLs, and I'm guessing you're using CISCO as your choice of
    router.

    But what kills me the most is you're using your COMPANY'S EMAIL...

    All we have to do is find what IPs you own, and that's not even HALF
    OF THE HALF.
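
The conduit-to-access-list conversion discussed in this thread, as an added example that is not part of either post: a conduit names the protected address and its port first and the foreign source last, while an access-list entry names the source first and the destination last, so the two groups swap places. The addresses, the ACL name `acl_outside` and the function names are constructed for illustration, and the `access-group` line assumes the interface is named `outside`.

```python
# Constructed sample input: RFC 5737 documentation addresses, not from the thread.
SAMPLE_CONDUITS = [
    "conduit permit tcp host 192.0.2.25 eq smtp any",
    "conduit permit tcp host 192.0.2.25 eq pop3 any",
    "conduit permit tcp 192.0.2.0 255.255.255.0 range 8000 8010 host 198.51.100.7",
]

def _take_addr(tokens):
    """Pop one address spec: 'any', 'host <ip>' or '<ip> <mask>'."""
    if tokens[0] == "any":
        return [tokens.pop(0)]
    return [tokens.pop(0), tokens.pop(0)]

def _take_port(tokens):
    """Pop an optional port spec: '<op> <port>' or 'range <low> <high>'."""
    if tokens and tokens[0] in ("eq", "lt", "gt", "neq"):
        return [tokens.pop(0), tokens.pop(0)]
    if tokens and tokens[0] == "range":
        return [tokens.pop(0) for _ in range(3)]
    return []

def conduit_to_acl(line, acl_id="acl_outside"):
    """Rewrite one conduit statement as the equivalent access-list entry."""
    tokens = line.split()
    if len(tokens) < 5 or tokens[0] != "conduit" or tokens[1] not in ("permit", "deny"):
        raise ValueError(f"not a conduit statement: {line!r}")
    action, proto, rest = tokens[1], tokens[2], tokens[3:]
    try:
        # conduit order: protected (global) address and port, then foreign source
        protected = _take_addr(rest) + _take_port(rest)
        foreign = _take_addr(rest) + _take_port(rest)
    except IndexError:
        raise ValueError(f"truncated conduit statement: {line!r}") from None
    if rest:
        raise ValueError(f"unexpected trailing tokens {rest} in: {line!r}")
    # access-list order: source first, destination (with its port) last
    return " ".join(["access-list", acl_id, action, proto] + foreign + protected)

def convert_config(lines, acl_id="acl_outside", interface="outside"):
    """Convert every conduit line, then bind the ACL inbound on the interface."""
    acl = [conduit_to_acl(l, acl_id) for l in lines if l.strip()]
    # Assumption: the untrusted interface is named 'outside'.
    return acl + [f"access-group {acl_id} in interface {interface}"]

if __name__ == "__main__":
    print("\n".join(convert_config(SAMPLE_CONDUITS)))
```

Statements the parser cannot fully consume raise `ValueError` instead of producing a partial rule, so a truncated line never turns into a broader permit than the original conduit.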
