Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: PIX questions

From: "Payne, Patrick" <Patrick.Payne () Select com>
Date: Thu, 24 May 2001 12:52:13 -0400
When you configure the PIX firewall, you can either use the traditional
conduit/outbound statements or the more modern ACL format.  Cisco is
retiring the conduit/outbound statements at some undetermined future point
and recommend that you start using the ACL format.  Conduit/outbound _is_
supported in the beta of PIX version 6.0 and history would suggest that
Cisco will probably support the older commands for some time.  And your
right - once you apply an ACL to an interface with the "access-group"
command, your conduits & outbounds for that interface are bypassed.  You
cannot use a combination of conduits/outbounds and ACLs on the same
interface.

Regarding Websense, you can use ACLs to setup inbound and outbound access
rules and then you can also setup URL filtering with the "url-server" and
"filter" commands.  These are independant features that work simultaneously.
However, the "filter" command does not take an ACL as an argument.  If you
want to make exceptions to the filter you must type in the appropriate
network addresses and netmasks.

Pat Payne
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: