Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
856
Views
0
Helpful
1
Replies

Cisco asa 5510 ERROR: Cannot add policy to rule engine

DavidReisner
Level 1
Level 1

‎03-06-2013 10:24 AM - edited ‎03-11-2019 06:10 PM

Hello,

I am trying to add 89,462+ access list rules to an ASA 5510 running 8.2(5). I have added all the rules to an object group and when I try to apply the access list to an interface it gives me the foolowing error:

ERROR: Cannot add policy to rule engine

ERROR: Unable to assign access-list wan-out to interface wan

I have not tried not using an object group and just putting the rules in the access list. I want to be able to add to these rules if needed easily.

I think it's clear that i have exceeded the rule limit for the ASA. So my question is, what is the rule limit for an ASA 5510 and which ASA could I purchase that would handle this amount of rules?

Any help would be appreaciated.

Thanks

Labels:
0 Helpful
1 Reply 1

jocamare
Level 4
Level 4

‎03-06-2013 10:48 AM

The problem might be that the unit is running out of memory, an upgrade will let you add more rules.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card