Comments on: Cisco PIX: Allow traffic to an internal host http://www.tech-recipes.com/rx/353/cisco-pix-allow-traffic-to-an-internal-host/ Computer and technology tutorials and guides Sun, 22 Nov 2009 02:44:39 -0800 http://wordpress.org/?v=2.8.6 hourly 1 By: douglassh http://www.tech-recipes.com/rx/353/cisco-pix-allow-traffic-to-an-internal-host/comment-page-1/#comment-4591 douglassh Tue, 28 Oct 2008 15:24:42 +0000 guid-fix-me!#comment-4591 Well done .<br>Regards<br><br><a href="http://xtupload.com" title="host image free">host image free</a> Well done .
Regards

host image free

]]> By: Flibble http://www.tech-recipes.com/rx/353/cisco-pix-allow-traffic-to-an-internal-host/comment-page-1/#comment-579 Flibble Wed, 08 Sep 2004 02:47:05 +0000 guid-fix-me!#comment-579 or rather ICMP doesn't JUST equal PING. Opening up all of the ICMP protocol allows source quenches, router redirection and a whole host of stuff that can cause problems. If all that is required is PING then restrict the traffic to echo request <->echo reply. or rather ICMP doesn’t JUST equal PING. Opening up all of the ICMP protocol allows source quenches, router redirection and a whole host of stuff that can cause problems. If all that is required is PING then restrict the traffic to echo request <->echo reply.

]]> By: http://www.tech-recipes.com/rx/353/cisco-pix-allow-traffic-to-an-internal-host/comment-page-1/#comment-201 Wed, 09 Jun 2004 10:47:50 +0000 guid-fix-me!#comment-201 Sorry I should have posted this above. Cisco has a tool on their website to help in converting conduits to ACLs. It works pretty well but YMMV. <span style="text-decoration:underline">Always</span> check the configuration file afterward. Online tool: https://cco-dev.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl Downloadable tool if you have a CCO login: http://www.cisco.com/cgi-bin/tablebuild.pl/pix -Tom Sorry I should have posted this above. Cisco has a tool on their website to help in converting conduits to ACLs. It works pretty well but YMMV. Always check the configuration file afterward.

Online tool:
https://cco-dev.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl

Downloadable tool if you have a CCO login:
http://www.cisco.com/cgi-bin/tablebuild.pl/pix

-Tom

]]> By: http://www.tech-recipes.com/rx/353/cisco-pix-allow-traffic-to-an-internal-host/comment-page-1/#comment-200 Wed, 09 Jun 2004 10:40:49 +0000 guid-fix-me!#comment-200 FYI: ACL's were added in IOS 5.3. All major releases after 6.3 have dropped support for conduits and you must use ACLs. FYI: ACL’s were added in IOS 5.3. All major releases after 6.3 have dropped support for conduits and you must use ACLs.

]]>