Re: Pix515e, Access rules conversion to ACLs .

bwurm · ‎10-24-2002

I have heard a rumor that a program/app/utility exists that will take the access rules and conduits list from the pix and convert it into access lists.

Has anyone also heard this ? Has anyone found this?

Thank you

gfullage · ‎10-24-2002

The PIX Output Interpreter will do it for you. Select PIX, then "write term", paste in your config and off you go.

https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl

bwurm · ‎10-25-2002

Wooo Hoooo . That was most painless. Thank you very much.

Took me longer to log in and get there then to get converted to

accesslists and hints on how to improve my pix performance.

Thank you again.

rpieronek · ‎11-26-2002

Sep 19, 2002, 5:22am PST

Cisco does have a conduit to access list converter, it is hidden in

https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl

Under "Technologies" select "PIX" and then paste the entire PIX

configuration into the appropriate field. I would like to thank

Randy Ivener, CISSP

Network Consulting Engineer

Cisco Systems,

for the lead on where to look.

You have to do a show config and get the hole thing into the tool. Part of its output will show the conduits converted to access lists. However it does not take into account that you now have to define acls for sessions intiated on higher security interfaces going to lower security interfaces. It does do converstion of all the existing conduits.