Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
306
Views
0
Helpful
1
Replies

Convert PIX conduit to ACL

kuo5
Level 1
Level 1

‎05-10-2005 11:54 AM - edited ‎02-21-2020 12:08 AM

Hi,

Can conduit command co-exist with ACL in PIX ver 6.3?

I inherit a pix that was using conduit command in the past, I need to convert it to ACL but don't want do it all at once. Is it possible to migrate from conduit to ACL one at a time?

Thanks.

0 Helpful
1 Reply 1

sgrenzeb8
Level 1
Level 1

‎05-10-2005 03:45 PM

Coincidentally this is what I have had to test last night inorder to upgrade a

production environment PIX.

The PIX was configured with conduits and running the ver 5.2, the upgrade was

to ver 6.3 and migrating the conduits to ACL.

Because of the PIX Conduit and Outbound Feature Deprecation

http://cisco.com/en/US/products/sw/secursw/ps2120/products_field_notice09186a00801d3621.shtml

The configs for the 528 included conduits, and it appeared that the 634 PIXOS was backward compatible.

I can not confirm that conduits and ACL can co-exist within your particular

configuration (cisco doesn't recommend it), however it worked for me as I had the same ACL as conduits,

converted all at once by using the Cisco tool.

To convert the conduits into ACLs use the tool:

(https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl ).

If they are the same then the ACL take precedence. Once having that you can

remove the conduits from your configuration one by one, and do not forget to

enter these commands to clear the translation and arp tables:

clear xlate

clear arp

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card