Firewall Wizards mailing list archives
RE: PIX questions
From: "Payne, Patrick" <Patrick.Payne () Select com>
Date: Thu, 24 May 2001 12:52:13 -0400
When you configure the PIX firewall, you can either use the traditional conduit/outbound statements or the more modern ACL format. Cisco is retiring the conduit/outbound statements at some undetermined future point and recommend that you start using the ACL format. Conduit/outbound _is_ supported in the beta of PIX version 6.0 and history would suggest that Cisco will probably support the older commands for some time. And your right - once you apply an ACL to an interface with the "access-group" command, your conduits & outbounds for that interface are bypassed. You cannot use a combination of conduits/outbounds and ACLs on the same interface. Regarding Websense, you can use ACLs to setup inbound and outbound access rules and then you can also setup URL filtering with the "url-server" and "filter" commands. These are independant features that work simultaneously. However, the "filter" command does not take an ACL as an argument. If you want to make exceptions to the filter you must type in the appropriate network addresses and netmasks. Pat Payne _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- PIX questions Phu Quy (May 24)
- Re: PIX questions Evan Wagner (May 25)
- <Possible follow-ups>
- RE: PIX questions shewitt (May 25)
- RE: PIX questions Payne, Patrick (May 25)