Cisco asa 5510 ERROR: Cannot add policy to rule engine
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-06-2013 10:24 AM - edited 03-11-2019 06:10 PM
Hello,
I am trying to add 89,462+ access list rules to an ASA 5510 running 8.2(5). I have added all the rules to an object group and when I try to apply the access list to an interface it gives me the foolowing error:
ERROR: Cannot add policy to rule engine
ERROR: Unable to assign access-list wan-out to interface wan
I have not tried not using an object group and just putting the rules in the access list. I want to be able to add to these rules if needed easily.
I think it's clear that i have exceeded the rule limit for the ASA. So my question is, what is the rule limit for an ASA 5510 and which ASA could I purchase that would handle this amount of rules?
Any help would be appreaciated.
Thanks
- Labels:
-
NGFW Firewalls

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-06-2013 10:48 AM
The problem might be that the unit is running out of memory, an upgrade will let you add more rules.
