Resolved! Access-lists with tpc-udp object-group
I am converting from my pix to a ASA 5505.I am having issues making an access list that includes a tcp-udp object-group. Is there a recommended practice for doing this?
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(87) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,586) -
Cisco Bugs
(41) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(147) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(33) -
Cisco Secure Firewall Management Center (FMC)
(152) -
Cisco Secure Firewall Threat Defense (FTD)
(189) -
Cisco Security Cloud Control
(8) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(18) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(45) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(14) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(263) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(32) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(4) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,576) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
IPv6 Configuration
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(322) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(92) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,579) -
NGIPS
(1,874) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(2) -
Other Network Security Topics
(10,780) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(3) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(8) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(641) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(43) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Hi, I'm trying to configure ZBF on a 2811 router with a site-to-site VPN with GRE Tunnel. But, when I configure the Firewall, the tunnel stops. I've tryed adding several protocols like isakmp but it doesnt' work. Does anybody know which protocol to a...
Hi,Anyone of you know the part number for the ASA 5520 FIREWALL mounting kit. I need to mount it on the rack but unfortunately the customer forget to bring the clamp for the ASA. They wants us to order the new kit for it.swami
what would the be side of effects of setting 'timeout conn' to 5hrs? beside the possibly of running out of connection resources. anything security related?i have a client that as a web base report that takes 5 hours to run. things where fine when th...
I'm using VPN client - version 5.0.03.0530. I don't have access to the VPN server configuration.The soft set the default route of my windows xp through the VPN once established. This is a problem since I can't read my mails (hosted on a local server)...
Inside = 10.10.10.0/24DMZ = 10.10.20.0/24Outside interface of ASA5520 = 66.66.66.25DMZ host 10.10.20.50 has a 1-to-1 NAT translation with 66.66.66.27Everythis is fine except that after the DMZ host 10.10.20.50 was configured to have a 1-to-1 NAT tran...
Our VPN clients are able to access all other network resources except those with a static NAT translation on the same router that controls client connections.
I have an ASA with the SSM IPS module in it. I must be doing something wrong because all of my events are showing my internal addresses as attackers and the external addresses as the victims. We do have citrix servers that we use and so I am gettin...
Has anyone ever implemented VRF routing within IPSEC VPN tunnels on an ASA 5580? Thanks,-Alonzo
Hey guys,I have two 6500's with FWSM's. The 6500's have a VPN connection from each to a PIX for VPN between two sites. The route out of the FWSM is the HSRP of the two 6500's so while both connections are up there's no problem. However, if one VPN...
Hi all,I got a problem in the firewall network. One of the inside servers got virus and generated a huge TCP connections with other unknown hosts outside. Eventually, it depleted the connection resource and made the ASA5520 frozen. I had to disconnec...
I generate the cert request from NAC CAM and give the file to the customer. Then customer give me back several file including "CAM.key, CAM.crt and CAM_DigiCertCA.crt".When I import to the NAC, it fail and got the message "Must include end entity cer...
I have ASA 5510's that authenticate users to the Active Directory. Is there a way to prevent users, that even though they are validated through the AD from being to establish a VPN connection?
We have a ASA 5520 and we are seeing a lot of traffic on our outside and dmz interfaces. we intend to capture packets on those interfaces can someone help me with how we can ,,,with minimal cpu utilization ,, coz cpu is already at 85% now,,,Thnx muc...
Hi,I would like to audit all changes made on my ASA 5540 (software version 7.2).Is there a way to do that?How is the best way?Thank youTauer
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 01-21-2026 03:34 PM | ||
| 01-21-2026 11:24 AM | ||
| 01-20-2026 01:44 PM | ||
| 12-31-2025 01:53 AM | ||
| 12-15-2025 09:32 PM |
Top Solution Authors
| User | Count |
|---|---|
| 4 | |
| 4 | |
| 3 | |
| 2 | |
| 1 |
