converting conduits to acl's

[david902]

In preparation to move ahead with my firewall upgrade. I need to convert conduits to ACL's

quesiotn is, it it ok to mix and match, you see i've got a few hundred to do. I fugured if I could do a few every day, they'd eventually get done.

my plan is to enter the ACL, remove the conduit, wait and see if anyone screams. rinse and repeat.

I've got the Conduit converter, but I think it too drastic a change to do then all at once, guaranteeing everything will work correctly is quite an unreasonable expectation.


Thanks.

 

[LloydSev]

it is ok to mix and match, in my experience. Since the code supports both commands, they will both run concurrently.

Computer/Network Technician
CCNA

 

[khaiyang]

Another way to reduce the line of ACL is to do some object grouping, particularly to the servers who has similar attributes.

 

[khaiyang]

Also use Turbo ACL, this allow you to easy insert / remove an ACL rule into/remove a long ACL list.

(Turbo ACL is support in v6.2 and not supported in PIX501)