Re: Pix question

From: Annu (annu_roopa@xxxxxxxxx)
Date: Tue Nov 13 2001 - 16:24:27 GMT-3

• Next message: Mark Newcomb: "RE: Pix Nat/Pat question - Multiple outside ip's to 1 inside ip a ddress"
• Previous message: Dean, Justin: "OT: Pix Nat/Pat question - Multiple outside ip's to 1 inside ip a ddress"
• Maybe in reply to: Ferguson,Steven: "Pix question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Steven,

U are right the access-list statments do not have that
flexibilty.Also start using access-list as Cisco
eventually will be replacing conduits with
access-list.Also as i know and have used access-lists
takes precedence over conduit statments.

U can still use show access-list to see hit count if u
want.

Bye,
Annu.

--- "Ferguson,Steven" <sferguson@dtae.org> wrote:
> I am working with access-lists on the pix instead of
> conduits. When I used
> conduits I was able to do a show conduit (ip
> address) and see everything
> that applied to that address. I have lost that
> functionality with
> access-lists so far. I can do a show access-list
> and get everything. I can
> expand that to show access-list sip smask dip dmask
> .... etc..... but that
> means I have to remember every statement in the
> firewall. I want to be able
> to do a show access-list or equivalent that would
> give me the same
> functionality as the sh conduit (ip address). I use
> this to look at hit
> counts on access statements.
>
> Thanks,
>
> Steven
>

• Next message: Mark Newcomb: "RE: Pix Nat/Pat question - Multiple outside ip's to 1 inside ip a ddress"
• Previous message: Dean, Justin: "OT: Pix Nat/Pat question - Multiple outside ip's to 1 inside ip a ddress"
• Maybe in reply to: Ferguson,Steven: "Pix question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 21 2002 - 06:45:14 GMT-3