From: pkjones@xxxxxxx
Date: Fri Aug 25 2000 - 09:42:07 GMT-3
Hi Sam,
Try this:
conduit permit tcp host x.x.x.x range 1024 5000 any
Paul.
---------------------- Forwarded by Paul K Jones/DataComm/GPU on 08/25/2000
08:40 AM ---------------------------
Sam Munzani <sam@chinet.com> on 08/24/2000 03:20:56 PM
Please respond to Sam Munzani <sam@chinet.com>
cc: (bcc: Paul K Jones/DataComm/GPU)
Subject: PIX firewall Conduit operator
Hi All,
I have an unique situation. I have done static translation for a host
behind firewall. Now I have to create conduit to open up following ports.
TCP 419, 421,422, 1024 to 5000(Don't ask me why)
I did those 400 series ports with 3 commands like below.
conduit permit tcp host xxx.xxx.xxx.xxx eq 419 any
Using gt and lt operator I could do following.
conduit permit tcp host xxx.xxx.xxx.xxx gt 1024 any
conduit permit tcp host xxx.xxx.xxx.xxx lt 5000 any
However both operators does not work if I put in one line. I am not sure
if this will work. I don't have any good way to test either because the
people requesting to open these ports don't have a clue of what they are
doing and if there is any application listening to those ports.
Any suggestions are appreciated.
Sam
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:29 GMT-3