[fw-wiz] PIX Firewall IP Addresses

• Previous message: Stephen Gill: "Re: [fw-wiz] CERT vulnerability note VU# 539363 (fwd)"
• Next in thread: Nigel McLellan (DSL AK): "RE: [fw-wiz] PIX Firewall IP Addresses"
• Reply: Nigel McLellan (DSL AK): "RE: [fw-wiz] PIX Firewall IP Addresses"
• Reply: Ben Nagy: "RE: [fw-wiz] PIX Firewall IP Addresses"
• Reply: Scot Hartman: "RE: [fw-wiz] PIX Firewall IP Addresses"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We are using a CISCO PIX firewall version 5.2(5), with both NAT and PAT 
enabled.  My task is to clean-up/reduce the number of conduit rules.  I am 
new at this. 

While reviewing the rules in place, I noticed many cases where individual 
rules are written for consecutive IP addresses.  My question is whether 
the syntax allows for a "range" of addresses to be used in one rule.  For 
example,

Rules written to allow access from source addresses - 172.165.50.200, 
172.165.50.201, 172.165.50.202

Can a source address on one rule replace the 3 rules above, such as 
172.165.50.200-202

Thank you for any assistance.

Regards,

Mark McCreary
_______________________________________________
firewall-wizards mailing list
firewall-wizardsat_private
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Next message: Mike Frantzen: "Re: [fw-wiz] Proverbial appliance "Its software, Jim!""
• Previous message: Stephen Gill: "Re: [fw-wiz] CERT vulnerability note VU# 539363 (fwd)"
• Next in thread: Nigel McLellan (DSL AK): "RE: [fw-wiz] PIX Firewall IP Addresses"
• Reply: Nigel McLellan (DSL AK): "RE: [fw-wiz] PIX Firewall IP Addresses"
• Reply: Ben Nagy: "RE: [fw-wiz] PIX Firewall IP Addresses"
• Reply: Scot Hartman: "RE: [fw-wiz] PIX Firewall IP Addresses"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Oct 17 2002 - 07:44:57 PDT