From: Sam Munzani (sam@xxxxxxxxxxx)
Date: Fri Aug 25 2000 - 10:54:51 GMT-3
YES. That did work.
Thanks a lot, Paul. It took me 3 hours of searching the Cisco pages and the PIX
manual, but I could not find it anywhere. It took the command on the first try.
Now I will do the port testing.
Sam
>
> Hi Sam,
>
> Try this:
>
> conduit permit tcp host x.x.x.x range 1024 5000 any
>
> Paul.
> ---------------------- Forwarded by Paul K Jones/DataComm/GPU on 08/25/2000 08:40 AM ---------------------------
>
> Sam Munzani <sam@chinet.com> on 08/24/2000 03:20:56 PM
>
> Please respond to Sam Munzani <sam@chinet.com>
>
> To: ccielab@groupstudy.com
> cc: (bcc: Paul K Jones/DataComm/GPU)
> Subject: PIX firewall Conduit operator
>
> Hi All,
>
> I have a unique situation. I have done static translation for a host
> behind the firewall. Now I have to create a conduit to open up the following ports:
> TCP 419, 421, 422, 1024 to 5000 (Don't ask me why).
> I did those 400 series ports with 3 commands like the one below.
>
> conduit permit tcp host xxx.xxx.xxx.xxx eq 419 any
>
> Using the gt and lt operators I could do the following.
>
> conduit permit tcp host xxx.xxx.xxx.xxx gt 1024 any
> conduit permit tcp host xxx.xxx.xxx.xxx lt 5000 any
>
> However, both operators do not work if I put them in one line. I am not sure
> if this will work. I don't have any good way to test either, because the
> people requesting to open these ports don't have a clue what they are
> doing or whether there is any application listening on those ports.
>
> Any suggestions are appreciated.
>
> Sam
>
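
The two-line gt/lt attempt and the one-line range command quoted in this thread do not open the same ports, which this added example (not part of the original thread, and not Cisco code) models in Python. It assumes separate `conduit permit` lines are independent, so a port is open when any one line matches; the parser covers only the command shapes quoted above, and the function and constant names are hypothetical.

```python
import re

# Operator semantics: gt/lt are strict, range is inclusive at both ends.
OPS = {
    "eq":    lambda p, a, b: p == a,
    "gt":    lambda p, a, b: p > a,
    "lt":    lambda p, a, b: p < a,
    "range": lambda p, a, b: a <= p <= b,
}
LINE = re.compile(
    r"conduit permit tcp host \S+ (eq|gt|lt|range) (\d+)(?: (\d+))? any$")

def parse(line):
    """Turn one conduit line (in the form used in the thread) into (op, a, b)."""
    m = LINE.match(line.strip())
    if not m:
        raise ValueError(f"unsupported conduit line: {line!r}")
    op, a, b = m.group(1), int(m.group(2)), m.group(3)
    if (op == "range") != (b is not None):
        raise ValueError(f"wrong number of ports for {op!r}: {line!r}")
    return op, a, int(b) if b is not None else None

def open_ports(config):
    """Ports permitted by the union of all lines (assumption: lines are ORed)."""
    rules = [parse(l) for l in config.splitlines() if l.strip()]
    return {p for p in range(1, 65536)
            if any(OPS[op](p, a, b) for op, a, b in rules)}

# The two variants from the thread, with its own placeholder address.
GT_LT = """
conduit permit tcp host x.x.x.x gt 1024 any
conduit permit tcp host x.x.x.x lt 5000 any
"""
RANGE = "conduit permit tcp host x.x.x.x range 1024 5000 any"

REQUESTED = set(range(1024, 5001))  # "1024 to 5000" as requested

def excess(config):
    """Ports opened beyond what was requested."""
    return open_ports(config) - REQUESTED

if __name__ == "__main__":
    for name, cfg in (("gt + lt", GT_LT), ("range", RANGE)):
        ports = open_ports(cfg)
        print(f"{name:8} opens {len(ports):5} ports, "
              f"{len(excess(cfg)):5} beyond the request")
```

Under that assumption the gt/lt pair exposes every TCP port on the translated host, because each line on its own matches one side of the interval and the two sides overlap.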