[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

conduit permit command on a pix 506 version 5.1

Posted on 2006-06-15
8
Medium Priority
?
564 Views
Last Modified: 2013-11-16
hello I am working on a pix version 5.1
I have successfully implimented the
conduit permit tcp host 222.222.222.222 eq 5555 any command.  And it worked! This is so i don't have to drive 50 miles to administer this nightmare.
Anyway, I would like to limit access to port 5555 to ONLY my home ip address for security reasons.   I'm using a remote admin utility.
If anyone knows the exact command , let's pretend my ip at home is 111.111.111.111
Thank's everyone
laura
0
Comment
Question by:lizardqueen007
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 1

Author Comment

by:lizardqueen007
ID: 16909929
Also, I am really new to cisco ios and such so please do not assume i know the syntax.  Thanks
0
 
LVL 5

Expert Comment

by:renill
ID: 16910040
can you specify what excatly you need ..
like connecting to your pix appliance or some dmz machines?? remotely?
what is this  222.222.222.222 ?
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 1000 total points
ID: 16910306
Replace "any" with 111.111.111.111

conduit permit tcp host 222.222.222.222 eq 5555 111.111.111.111

If I may be so bold - highly suggest you upgrade this to 6.3(5) with the latest PDM. PDM is a graphical user interface that is web/java based and is pretty slick for remote management.
0
Plesk WordPress Toolkit

Plesk's WordPress Toolkit allows server administrators, resellers and customers to manage their WordPress instances, enabling a variety of development workflows for WordPress admins of all skill levels, from beginners to pros.

See why 2/3 of Plesk servers use it.

 
LVL 1

Author Comment

by:lizardqueen007
ID: 16911253
Thank's again Irmoore! Does an upgrade require reconfiguration?  Do I need to purchase the upgrade and where do I get it?  Again, I appreciate very much the excellent help!
0
 
LVL 1

Author Comment

by:lizardqueen007
ID: 16912976
router#show running-config
Building configuration...

Current configuration:
!
version 11.0
service udp-small-servers
service tcp-small-servers
!
hostname router
!
enable secret xxxxxxxxxxxxxxxxxxxxxxxxx
enable passwordxxxxxxxxxxxxxxxxxxxxx
!
!
interface Ethernet0
 ip address 99.99.99.99 255.255.255.224
!
interface Serial0
 ip address 99.99.99.99 255.255.255.252
!
interface Serial1
 no ip address
 shutdown
!
ip name-server 222.222.3.65
ip name-server 222.222.2.65
ip route 0.0.0.0 0.0.0.0 99.99.99.99
!
line con 0
line aux 0
 transport input all
line vty 0 4
 password xxxxxxxxxxxxxxxxx
 login
!
end
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 16913399
>Does an upgrade require reconfiguration?  Do I need to purchase the upgrade and where do I get it?
Upgrade to the PIX does not require re-configuration initially, but conduits are going away in favor of access-lists. The PDM GUI does not like conduits. Cisco has a conduit-access list converter.

The upgrade is free download from Cisco if you have Smarnet Maintenance contract and CCO login. It's a lot cheaper to buy 1 year of 8x5 maint package than it is to buy a 1-time OS upgrade.
Check http://www.cdw.com  for smartnet maintenance for the 506

The config you posted if for a router. ???

Laura, I admire you for jumping in with both feet - blindfolded! You're not afraid to take risks and jump in and change something to try to fix a problem. Good luck. We'll be here for a long time. Perhaps you'll come back in and start answering questions, too, once you get a little experience.

0
 
LVL 1

Author Comment

by:lizardqueen007
ID: 16918173
Yes lrmoore, It seems I posted the router config by mistake.  I will check out the upgrade although this has been a great learning experience.  I really appreciate your help.  I am trying to answer questions to which I know the answers.  I will be around to help out as I learn.  I think I'm headed for the ccna.
Take care,
Laura
0
 
LVL 5

Expert Comment

by:renill
ID: 16919234
Irmoore.. Hat's OFF for that fast and prompt Response...

0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question