• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 566
  • Last Modified:

conduit permit command on a pix 506 version 5.1

hello I am working on a pix version 5.1
I have successfully implimented the
conduit permit tcp host 222.222.222.222 eq 5555 any command.  And it worked! This is so i don't have to drive 50 miles to administer this nightmare.
Anyway, I would like to limit access to port 5555 to ONLY my home ip address for security reasons.   I'm using a remote admin utility.
If anyone knows the exact command , let's pretend my ip at home is 111.111.111.111
Thank's everyone
laura
0
lizardqueen007
Asked:
lizardqueen007
  • 4
  • 2
  • 2
1 Solution
 
lizardqueen007Author Commented:
Also, I am really new to cisco ios and such so please do not assume i know the syntax.  Thanks
0
 
renillCommented:
can you specify what excatly you need ..
like connecting to your pix appliance or some dmz machines?? remotely?
what is this  222.222.222.222 ?
0
 
lrmooreCommented:
Replace "any" with 111.111.111.111

conduit permit tcp host 222.222.222.222 eq 5555 111.111.111.111

If I may be so bold - highly suggest you upgrade this to 6.3(5) with the latest PDM. PDM is a graphical user interface that is web/java based and is pretty slick for remote management.
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
lizardqueen007Author Commented:
Thank's again Irmoore! Does an upgrade require reconfiguration?  Do I need to purchase the upgrade and where do I get it?  Again, I appreciate very much the excellent help!
0
 
lizardqueen007Author Commented:
router#show running-config
Building configuration...

Current configuration:
!
version 11.0
service udp-small-servers
service tcp-small-servers
!
hostname router
!
enable secret xxxxxxxxxxxxxxxxxxxxxxxxx
enable passwordxxxxxxxxxxxxxxxxxxxxx
!
!
interface Ethernet0
 ip address 99.99.99.99 255.255.255.224
!
interface Serial0
 ip address 99.99.99.99 255.255.255.252
!
interface Serial1
 no ip address
 shutdown
!
ip name-server 222.222.3.65
ip name-server 222.222.2.65
ip route 0.0.0.0 0.0.0.0 99.99.99.99
!
line con 0
line aux 0
 transport input all
line vty 0 4
 password xxxxxxxxxxxxxxxxx
 login
!
end
0
 
lrmooreCommented:
>Does an upgrade require reconfiguration?  Do I need to purchase the upgrade and where do I get it?
Upgrade to the PIX does not require re-configuration initially, but conduits are going away in favor of access-lists. The PDM GUI does not like conduits. Cisco has a conduit-access list converter.

The upgrade is free download from Cisco if you have Smarnet Maintenance contract and CCO login. It's a lot cheaper to buy 1 year of 8x5 maint package than it is to buy a 1-time OS upgrade.
Check http://www.cdw.com  for smartnet maintenance for the 506

The config you posted if for a router. ???

Laura, I admire you for jumping in with both feet - blindfolded! You're not afraid to take risks and jump in and change something to try to fix a problem. Good luck. We'll be here for a long time. Perhaps you'll come back in and start answering questions, too, once you get a little experience.

0
 
lizardqueen007Author Commented:
Yes lrmoore, It seems I posted the router config by mistake.  I will check out the upgrade although this has been a great learning experience.  I really appreciate your help.  I am trying to answer questions to which I know the answers.  I will be around to help out as I learn.  I think I'm headed for the ccna.
Take care,
Laura
0
 
renillCommented:
Irmoore.. Hat's OFF for that fast and prompt Response...

0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

  • 4
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now