Implicit denys behind every access-list are inserted. Are you mixing conduits and access-lists? You really should not. Use ALL conduits or ALL access-lists. If both are used, conduits take priority and override your access-lists. Access-lists are first match, conduits are any match.
At 09:24 AM 11/19/01 -0500, Steve Alston wrote: >Does the PIX 506 require an explicit deny statement after setting up a >permit conduit or access list. > >I appear to be receiving more traffic (e.g. NTP) than my conduit statements >allow. > >Thanks much, >Steve -Carroll Kong Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26694&t=26684 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
