06-11-2001 11:51 PM - edited 03-08-2019 08:21 PM
Dear all,
I want to know the difference between "conduit" and "access-lists".
When I want to protect packet from outside to inside,
what do you recommend to me? conduit or access-lists?
Thanks advance,
Willy Seo
06-12-2001 11:00 AM
I believe while they operate slightly differently they both more or less give you the same result. I remember reading in one of the more recent manuals that they want you to use the Access-lists since conduits are the older way of doing things and they are looking to move away from that to make everything more IOSy
Ben
06-12-2001 11:16 AM
Willy,
First if you are trying to decide between using conduits or access lists go with access lists and groups as the conduit will not be around much longer although it still works with PIX v6.01. The access list will allow you to simplify your config as you can create once or few sets of access lists and assign them to multiple devices through access groups. Say for example you had 3 servers behind your pix and you want to allow www, https, smtp and ssh to each of those servers. It would take 12 conduit statements to do that whereas it would take 4 access lists statements and 3 access group statements to do the same thing so you would reduce your config by 5 statements. This is really usefull if you have a large config.
Hope this helps.
Bob
03-20-2023 05:29 AM
Are you looking for a boost for your Murrieta, CA, business? Our SEO services are tailored to maximize visibility and help you reach new heights Internet Marketing Murrieta. We provide up-to-date search engine optimization (SEO) services to ensure your business stays ahead of the competition.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide