09-26-2016 08:23 PM - edited 02-21-2020 05:55 AM
Hello Everyone,
I am trying to enter the following rule but I am getting an error. I have a similar rule already inside the firewall, so I don't really get what is wrong and how to go about troubleshooting it. Can anyone help?
access-list acl_inside extended permit object-group 16-09-08F 132.235.192.0 255.255.192.0 eq https log
(config-network)# access-list acl_inside extended permit object-group$
access-list acl_inside extended permit object-group 16-09-08F 132.235.192.0 255.
255.192.0 eq https log
^
ERROR: % Invalid Hostname
SAME THING WITHOUT LOG
(config-network)# access-list acl_inside extended permit object-group$
access-list acl_inside extended permit object-group 16-09-08F 132.235.192.0 255.
255.192.0 eq https
ERROR: % Incomplete command
SAME STUPID ERROR,
THE RULE THAT IS SIMILAR;
# SH ACCess-list | I 132.235.192.0
access-list acl_inside line 2767 extended permit tcp object-group 16-06-29X-2 132.235.192.0 255.255.192.0 eq https
???????
I am not sure this warrants a case from Cisco?
FW100ABCx(config)# object-group network 16-09-08F
FW100ABCx(config-network)# network-object host 172.191.235.136
Adding obj (network-object host 172.191.235.136) to grp (16-09-08F) failed; object already exists
FW100ABCx(config-network)# network-object host 172.191.235.135
Adding obj (network-object host 172.191.235.135) to grp (16-09-08F) failed; object already exists
FW100ABCx(config-network)# network-object host 172.191.235.134
Adding obj (network-object host 172.191.235.134) to grp (16-09-08F) failed; object already exists
FW100ABCx(config-network)# network-object host 172.52.134.76
Adding obj (network-object host 172.52.134.76) to grp (16-09-08F) failed; object already exists
FW100ABCx(config-network)#
FW100ABCx(config-network)# access-list acl_inside extended permit object-group$
access-list acl_inside extended permit object-group 16-09-08F 132.235.192.0 255.255.192.0 eq 443
ERROR: % Incomplete command
09-26-2016 08:45 PM
Hello Hassan,
You are missing protocol keyword (
Try this:
object-group network 16-09-08F
network-object host 172.191.235.136
access-list acl_inside extended permit tcp object-group 16-09-08F 132.235.192.0 255.255.192.0
Regards
Dinesh Moudgil
P.S. Please rate helpful posts.
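An added example, not part of the original reply and not Cisco code: a small Python pre-check that flags an extended ACL entry whose protocol position holds a network object-group, which is the mistake in the rejected rule above. The function names and the short protocol list are assumptions of this sketch; the sample lines are copied from the thread.

```python
import re

# Assumption: a subset of ASA protocol keywords, enough for this illustration.
PROTOCOLS = {"ip", "tcp", "udp", "icmp", "icmp6", "gre", "esp", "ah", "sctp"}
GROUP_DEF = re.compile(r"\bobject-group\s+(network|service|protocol|icmp-type)\s+(\S+)")

def group_types(config_lines):
    """Map each object-group name to its declared type."""
    return {m.group(2): m.group(1)
            for m in map(GROUP_DEF.search, config_lines) if m}

def check_acl(line, groups):
    """Return a problem description for an extended ACL entry, or None."""
    tok = line.split()
    if "access-list" not in tok or "extended" not in tok:
        return None  # not an extended ACL entry, nothing to check
    rest = tok[tok.index("extended") + 1:]
    if len(rest) < 2 or rest[0] not in ("permit", "deny"):
        return "expected permit or deny after 'extended'"
    proto = rest[1]
    if proto in PROTOCOLS or (proto.isdigit() and int(proto) <= 255):
        return None
    if proto == "object-group" and len(rest) > 2:
        kind = groups.get(rest[2])
        if kind in ("service", "protocol"):
            return None
        if kind == "network":
            return (f"protocol keyword missing: network object-group "
                    f"'{rest[2]}' is in the protocol position")
        return f"object-group '{rest[2]}' has no known definition"
    return f"'{proto}' is not a recognised protocol keyword"

# Lines taken from the thread above.
CONFIG = ["FW100ABCx(config)# object-group network 16-09-08F"]
REJECTED = ("access-list acl_inside extended permit object-group 16-09-08F "
            "132.235.192.0 255.255.192.0 eq https log")
SUGGESTED = ("access-list acl_inside extended permit tcp object-group 16-09-08F "
             "132.235.192.0 255.255.192.0")

if __name__ == "__main__":
    groups = group_types(CONFIG)
    for entry in (REJECTED, SUGGESTED):
        print(check_acl(entry, groups) or "ok", "<-", entry)
```

Running candidate rules through a check like this before pasting them into the firewall catches the missing keyword without relying on the CLI's error text.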
09-27-2016 01:09 AM
Thanks Dinesh:)