Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
494
Views
0
Helpful
1
Replies

ERROR: access-list has protocol or port

big_admin
Level 1
Level 1

‎05-07-2007 10:13 PM - edited ‎03-11-2019 03:10 AM

Hi there, I have an ASA 5510 version 7.0(4). I have a problem with the nat0 , at some point of time my nat0 line on the inside interface simply dissappears . When i try to add it again it gives me an error ERROR: access-list has protocol or port . Now according to me we had ip based access as well as portocol and port based access-list in the nat0 and this was working fine for last 6 months without any issues. Now that we have removed protocol based and only assigned ip based it works fine . I have gone through all the bugs for this version but didnt find any of this kind . The same acl (protocol and port based) works fine in some PIX which we have . Can any one point as to what is the problem with this version of ASA

Labels:
0 Helpful
1 Reply 1

hadbou
Level 5
Level 5

‎05-11-2007 12:37 PM

ASA won?t take the access-list is you are using ports on its syntax. You will need to define it without using the ports. If you will like to restrict the VPN traffic to certain ports what is suggested is to apply an access-group on the interface where the hosts are coming from or apply a VPN-filter to the proper VPN entry.

Try this: If you are using the GRE protocol, remove the GRE protocol from the NONAT ACL

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card