You certainly can do this but it is not recommended by Cisco in the PIX documentation due to the fact that access-list statements will be evaluated first and debugging can get kind of messy with both conduits and access-lists. On a side note, I did ...