11-28-2005 04:10 PM - edited 03-09-2019 01:10 PM
Can anyone summarize the difference between Conduit and Outbound?
I tried to allow traffic on specific ports to just two IP addresses with conduit statements, but they did not allow any of the traffic I was hoping. If I put a general Outbound permit statement, it works great for my one application, but bypasses the requirements to go through my proxy server.
I don't know if I am using conduits in the wrong sense. . .
It's a PIX 515e with 5.3 installed.
Solved! Go to Solution.
11-28-2005 08:37 PM
It might be time to change to access lists. There are not a lot of people that are still using conduits and they not supported any more since a couple of years by Cisco itself.
Note The conduit command has been superseded by the access-list command. We recommend that you migrate your configuration away from the conduit command to maintain future compatibility.
You can find some hints about conduits in the command reference guide.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094885.shtml
Conduits:
A conduit command statement creates an exception to the PIX Firewall Adaptive Security mechanism by permitting connections from one firewall network interface to access hosts on another
Outbound:
The outbound command creates an access list that lets you specify the following:
* Whether inside users can create outbound connections
* Whether inside users can access specific outside servers
* What services inside users can use for outbound connections and for accessing outside servers
* Whether outbound connections can execute Java applets on the inside network
sincerely
Patrick
11-28-2005 08:37 PM
It might be time to change to access lists. There are not a lot of people that are still using conduits and they not supported any more since a couple of years by Cisco itself.
Note The conduit command has been superseded by the access-list command. We recommend that you migrate your configuration away from the conduit command to maintain future compatibility.
You can find some hints about conduits in the command reference guide.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094885.shtml
Conduits:
A conduit command statement creates an exception to the PIX Firewall Adaptive Security mechanism by permitting connections from one firewall network interface to access hosts on another
Outbound:
The outbound command creates an access list that lets you specify the following:
* Whether inside users can create outbound connections
* Whether inside users can access specific outside servers
* What services inside users can use for outbound connections and for accessing outside servers
* Whether outbound connections can execute Java applets on the inside network
sincerely
Patrick
11-30-2005 10:47 AM
With 5.3, I was not sure if ACL's are supported or not. I'm looking into details on getting an upgrade to something a little newer.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide