PIX Conduit Conversion Tool

dj.jblanchard · ‎01-29-2003

Do you know if there is a tool that will convert conduits to ACL's on the PIX 520. I found the information on how to do it using CiscoWorks, but this customer is not running CiscoWorks.

gfullage · ‎01-29-2003

The Output Interpretor has this feature (https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl). Paste in your PIX config and near the bottom of the output it'll show you your access-lists.

rtheobald · ‎03-27-2003

If you paste the output of "wr t" from the pix into Cisco's Output Interpreter Tool, it will display the conversions at the end. Cisco Output Interpreter is located under Technical Support => Tools and utilities.

dj.jblanchard · ‎03-28-2003

I tried this tool, it gave me a bogus output. First it did not recongnize my version (which was 6.1) and then it told me I did not have an interface set to 0 nor one at 100. It never touched the conduits, what I did was get with the local Cisco office who had access to a different tool that only needed the conduit lines to do the conversion. Unfortunately that tool is only available to Cisco internally.

dkorell · ‎04-01-2003

I used the tool a couple weeks ago for a 6.2.2 and it converted all my conduits to access lists. I used it today though and first it didn't like that I was using 6.3.1. So I changed the version to trick it and it still gives an error about "document.writeIn". I then pasted the config I used a couple weeks ago and same problem.

So, bottom line is it really does work for converting conduits but it's messed up right now. As for the other things like interface speed, you can ignore a lot of that and just take from it what you really need.