Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

conduit permit command

Status
Not open for further replies.
jkaufman

jkaufman

Technical User
Mar 15, 2004
2
US
Is there a difference between "conduit permit tcp host x.x.x.x any eq www" and conduit permit tcp host x.x.x.x eq I've had instances where one works and the other doesn't and one case recently where term svcs (port 3389) needed both before access was granted from outside.
 
Sort by date Sort by votes
conduit permit tcp host x.x.x.x any eq www"
You are saying anyone can come on port 80 only to host x.x.x.x who's listening on any port

conduit permit tcp host x.x.x.x eq You are saying anyone can come on any port to host x.x.x.x who's listening on port 80 only.
 
Upvote 0 Downvote
That was my understanding too...but then shouldn't either conduit work in almost all instances?
 
Upvote 0 Downvote
Nope because clients use dynamic ports above 1024 while servers usually listen on fixed ports below 1024. For your internal servers you should use the later one.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jim_bmx
  • Locked
  • Question
sh proxy command
Replies
0
Views
684
jim_bmx
jim_bmx
reaven
  • Locked
  • Question
pix rule to permit access between subnet
Replies
0
Views
66
reaven
reaven
arcolino
  • Locked
  • Question
trace route command on the pix 525 ios ver 7.04
Replies
0
Views
95
arcolino
arcolino
johneverts
  • Locked
  • Question
ASA 5505 not taking commands from ASDM or cli.
Replies
2
Views
109
johneverts
johneverts
DozAdmin
  • Locked
  • Question
xp command line ftp
Replies
4
Views
124
NetRx
NetRx

Part and Inventory Search

Sponsor

Back
Top