Solved

How to use "conduit permit ip host" to allow acces to any port ?

Posted on 2003-11-20
4
1,251 Views
Last Modified: 2008-02-01
Hi,
I have a user who need to access one particular IP on my network. I have assigned public IP to that computer but I don't know how to add a line to my PIX515 to allow access to that particular user IP (public IP) to access any port on my internal computer.
I have tried:
           conduit permit ip host 214.18.161.151 203.225.211.118 255.255.255.24
and
           conduit permit ip host 214.18.161.151 203.225.211.118 255.255.255.240
and
         conduit permit ip host 214.18.161.151 203.225.211.118 255.255.255.0

but firewall won't accept it.
It's erroring like this:
ERROR: Source address,mask <203.225.211.118,255.255.255.0> doesn't pair
Please help

Thanks


0
Comment
Question by:geomic
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 250 total points
ID: 9787438
Hi geomic,
try

conduit permit ip host 214.18.161.151 203.225.211.118 255.255.255.255


Cheers!
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9787810
Pete's correct. You have to use a host mask
0
 

Author Comment

by:geomic
ID: 9787898
It did work, thanks a lot.
FYI, after I added that line to configuration it was coverted to different line:

conduit permit ip host 214.18.161.151 host 203.225.211.118


geomic
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 9788917
ThanQ

Pete
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question