Firewall Wizards mailing list archives
Re: PIX 520 - Converting conduits to access-lists
From: "Miha Vitorovic" <miha () nil si>
Date: Wed, 23 Oct 2002 16:05:04 +0200
Hi, If you're trying to access the server from the Internet, then the ACL to handle that must be bound to interface outside. ACL bound to interface DMZ regulates what devices on the DMZ network can connect to. If you don't have any outside ACL, just append your ACL to interface outside: access-group DMZ_IN in interface outside Otherwise append the appropriate rules to the outside ACL. Have fun, --- Miha Vitorovic Inženir v tehničnem področju Customer Support Engineer NIL Data Communications, Einspielerjeva 6, 1000 Ljubljana, Slovenia Phone +386 1 4746 500 Fax +386 1 4746 501 http://www.NIL.si access-list DMZ_IN permit tcp any host my.public.addy.here eq ftp (hitcnt=0) access-list DMZ_IN permit tcp any host my.public.addy.here eq ftp-data (hitcnt=0) access-list DMZ_IN permit udp any host my.public.addy.here eq domain (hitcnt=0) access-list DMZ_IN permit tcp any host my.public.addy.here eq domain (hitcnt=0) access-group DMZ_IN in interface DMZ _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- PIX 520 - Converting conduits to access-lists Eye Am (Oct 23)
- Re: PIX 520 - Converting conduits to access-lists Jean Caron (Oct 23)
- <Possible follow-ups>
- Re: PIX 520 - Converting conduits to access-lists Miha Vitorovic (Oct 23)