Solved

conduit permit command on a pix 506 version 5.1

Posted on 2006-06-15
Last Modified: 2013-11-16
Hello, I am working on a PIX version 5.1.
I have successfully implemented the
conduit permit tcp host 222.222.222.222 eq 5555 any command. And it worked! This is so I don't have to drive 50 miles to administer this nightmare.
Anyway, I would like to limit access to port 5555 to ONLY my home IP address for security reasons. I'm using a remote admin utility.
If anyone knows the exact command, let's pretend my IP at home is 111.111.111.111.
Thanks, everyone
Laura
Question by:lizardqueen007

Author Comment

by:lizardqueen007
Also, I am really new to Cisco IOS and such, so please do not assume I know the syntax. Thanks

Expert Comment

by:renill
Can you specify what exactly you need?
Like connecting to your PIX appliance or some DMZ machines, remotely?
What is this 222.222.222.222?

Accepted Solution

by:lrmoore (earned 250 total points)
Replace "any" with 111.111.111.111

conduit permit tcp host 222.222.222.222 eq 5555 host 111.111.111.111

If I may be so bold - highly suggest you upgrade this to 6.3(5) with the latest PDM. PDM is a graphical user interface that is web/java based and is pretty slick for remote management.

Author Comment

by:lizardqueen007
Thanks again lrmoore! Does an upgrade require reconfiguration?  Do I need to purchase the upgrade and where do I get it?  Again, I appreciate very much the excellent help!

Author Comment

by:lizardqueen007
router#show running-config
Building configuration...

Current configuration:
!
version 11.0
service udp-small-servers
service tcp-small-servers
!
hostname router
!
enable secret xxxxxxxxxxxxxxxxxxxxxxxxx
enable passwordxxxxxxxxxxxxxxxxxxxxx
!
!
interface Ethernet0
 ip address 99.99.99.99 255.255.255.224
!
interface Serial0
 ip address 99.99.99.99 255.255.255.252
!
interface Serial1
 no ip address
 shutdown
!
ip name-server 222.222.3.65
ip name-server 222.222.2.65
ip route 0.0.0.0 0.0.0.0 99.99.99.99
!
line con 0
line aux 0
 transport input all
line vty 0 4
 password xxxxxxxxxxxxxxxxx
 login
!
end

Expert Comment

by:lrmoore
>Does an upgrade require reconfiguration?  Do I need to purchase the upgrade and where do I get it?
Upgrade to the PIX does not require re-configuration initially, but conduits are going away in favor of access-lists. The PDM GUI does not like conduits. Cisco has a conduit-access list converter.

The upgrade is a free download from Cisco if you have a SmartNet maintenance contract and CCO login. It's a lot cheaper to buy 1 year of 8x5 maint package than it is to buy a 1-time OS upgrade.
Check http://www.cdw.com for SmartNet maintenance for the 506.

The config you posted is for a router. ???

Laura, I admire you for jumping in with both feet - blindfolded! You're not afraid to take risks and jump in and change something to try to fix a problem. Good luck. We'll be here for a long time. Perhaps you'll come back in and start answering questions, too, once you get a little experience.

0
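
The move from conduits to access-lists mentioned in the comment above, sketched as an added example (not code from this thread and not Cisco's converter). It rewrites a tcp/udp `conduit` line as the equivalent `access-list` line and warns when the admin port is open to `any`; the function names, the ACL name `outside_in` and the `MGMT_PORTS` set are assumptions made for illustration.

```python
# Added illustration: hypothetical helper names; handles tcp/udp conduits only.
MGMT_PORTS = {"5555"}  # the remote-admin port from the thread

def _take_addr(tok):
    """Pop one address spec (any | host A | A MASK) -> (acl_text, is_any)."""
    first = tok.pop(0)
    if first == "any":
        return "any", True
    if first == "host":
        return "host " + tok.pop(0), False
    mask = tok.pop(0)
    is_any = (first, mask) in {("0", "0"), ("0.0.0.0", "0.0.0.0")}
    return ("any" if is_any else f"{first} {mask}"), is_any

def _take_port(tok):
    """Pop an optional port clause such as 'eq 5555' or 'range 20 21'."""
    if tok and tok[0] in ("eq", "lt", "gt", "neq"):
        return " ".join([tok.pop(0), tok.pop(0)])
    if tok and tok[0] == "range":
        return " ".join([tok.pop(0), tok.pop(0), tok.pop(0)])
    return ""

def convert_conduit(line, acl_name="outside_in"):
    """Return (access_list_line, warning_or_None) for one conduit line."""
    tok = line.split()
    if len(tok) < 4 or tok[0] != "conduit" or tok[2] not in ("tcp", "udp"):
        raise ValueError("not a tcp/udp conduit: " + line)
    action, proto = tok[1], tok[2]
    del tok[:3]
    try:
        dst, _ = _take_addr(tok)        # conduit: global (published) address first
        dst_port = _take_port(tok)
        src, src_any = _take_addr(tok)  # then the foreign (outside) source
        src_port = _take_port(tok)
    except IndexError:
        raise ValueError("incomplete conduit (address needs 'host' or a mask): " + line)
    # access-list order is source first, destination second.
    parts = ["access-list", acl_name, action, proto, src, src_port, dst, dst_port]
    acl = " ".join(p for p in parts if p)
    port = dst_port.split()[-1] if dst_port else ""
    warn = None
    if action == "permit" and src_any and port in MGMT_PORTS:
        warn = f"port {port} on {dst} is reachable from any source"
    return acl, warn

if __name__ == "__main__":
    for c in ("conduit permit tcp host 222.222.222.222 eq 5555 any",
              "conduit permit tcp host 222.222.222.222 eq 5555 host 111.111.111.111"):
        print(convert_conduit(c))
```

On the PIX the resulting access-list only takes effect once it is bound to an interface, for example with `access-group outside_in in interface outside` (interface name `outside` assumed here).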
 

Author Comment

by:lizardqueen007
Yes lrmoore, It seems I posted the router config by mistake.  I will check out the upgrade although this has been a great learning experience.  I really appreciate your help.  I am trying to answer questions to which I know the answers.  I will be around to help out as I learn.  I think I'm headed for the ccna.
Take care,
Laura

Expert Comment

by:renill
lrmoore.. Hats off for that fast and prompt response...
