topic GRE with Static NAT on ASA 5540 running 8.2 in Network Security https://community.cisco.com/t5/network-security/gre-with-static-nat-on-asa-5540-running-8-2/m-p/1428930#M634726 <P>Hi,</P><P></P><P>I am trying to run below command</P><P></P><P>access-list test extended permit gre host 192.x.x.x any</P><P>static (inside,outside) 59.x.x.x access-list test</P><P></P><P>after putting static command i get error saying</P><P>protocol mismatch between the static and access-list</P><P></P><P></P><P>need help to find if gre protocol is supported using static nat or not as when calling access-list with any port under tcp or udp protocol it works.</P><P></P><P>Regards</P><P>Amar</P> Mon, 11 Mar 2019 18:00:12 GMT amardram123 2019-03-11T18:00:12Z GRE with Static NAT on ASA 5540 running 8.2 https://community.cisco.com/t5/network-security/gre-with-static-nat-on-asa-5540-running-8-2/m-p/1428930#M634726 <P>Hi,</P><P></P><P>I am trying to run below command</P><P></P><P>access-list test extended permit gre host 192.x.x.x any</P><P>static (inside,outside) 59.x.x.x access-list test</P><P></P><P>after putting static command i get error saying</P><P>protocol mismatch between the static and access-list</P><P></P><P></P><P>need help to find if gre protocol is supported using static nat or not as when calling access-list with any port under tcp or udp protocol it works.</P><P></P><P>Regards</P><P>Amar</P> Mon, 11 Mar 2019 18:00:12 GMT https://community.cisco.com/t5/network-security/gre-with-static-nat-on-asa-5540-running-8-2/m-p/1428930#M634726 amardram123 2019-03-11T18:00:12Z Re: GRE with Static NAT on ASA 5540 running 8.2 https://community.cisco.com/t5/network-security/gre-with-static-nat-on-asa-5540-running-8-2/m-p/1428931#M634727 <HTML><HEAD></HEAD><BODY><P>See the syntax per documentation :</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/s8.html#wp1512466">http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/s8.html#wp1512466</A></P><P></P><P>####</P><P><SPAN class="content">This access list should include only <STRONG class="cBold">permit</STRONG> ACEs. You can optionally specify the real and&nbsp; destination ports in the access list using the <STRONG class="cBold">eq</STRONG> operator. </SPAN></P><P><SPAN class="content">###</SPAN></P><P></P><P>The protocol you used is not allowed to be used for access-list on Static . You can use tcp or udp,&nbsp; or topgether&nbsp; with specific port.</P><P></P><P>Regards,</P></BODY></HTML> Wed, 16 Jun 2010 12:20:25 GMT https://community.cisco.com/t5/network-security/gre-with-static-nat-on-asa-5540-running-8-2/m-p/1428931#M634727 edadios 2010-06-16T12:20:25Z