Solved: Re: Can't remove conduit statement

jealvarez · ‎09-07-2004

On a PIX that has 6.3(3) I want to remove a legacy conduit statement of the form

conduit permit tcp host mailserver eq smtp any

Yet when a

no conduit permit tcp host mailserver eq smtp any

is executed the PIX responds with "Specified access-list does not exist" and the conduit is not deleted. Is there a way to remove this conduit?

mike-greene · ‎09-08-2004

You said "The configuration already had a "name" statement for the mailserver"...did you add the name back in, then remove the conduit?

View solution in original post

mike-greene · ‎09-07-2004

Hi,

Maybe the conduit was added when the "name" command was used as a host table for the PIX. Try adding this..

name 192.168.1.1 mailserver

Then try and remove the conduit. If it works, remove the host line above.

Hope that helps.

jealvarez · ‎09-08-2004

Thanks for your suggestion.

The configuration already had a "name" statement for the mailserver.

It appears to remove the conduit a corresponding access-list must exist. Yet I tried something like

access-list acl_mail permit tcp host mailserver eq smtp any

but it still does not allow me to delete the conduit.

mike-greene · ‎09-08-2004

You said "The configuration already had a "name" statement for the mailserver"...did you add the name back in, then remove the conduit?

jealvarez · ‎09-09-2004

That solved the issue. I re-entered the 'name' statement and the PIX complained that the name was already assigned. Yet after that, it did allow me to remove the conduit.

Thanks for your assitance.

Can't remove conduit statement

the statement about using DH5

Link-State Advertisements 'LSA' OSPF - Basis -

How to remove a BGP statement

UCCX Sandbox Removed

can't remove sub interfaces - remove the whole interface