06-16-2010 03:51 AM - edited 03-11-2019 11:00 AM
Hi,
I am trying to run below command
access-list test extended permit gre host 192.x.x.x any
static (inside,outside) 59.x.x.x access-list test
after putting static command i get error saying
protocol mismatch between the static and access-list
need help to find if gre protocol is supported using static nat or not as when calling access-list with any port under tcp or udp protocol it works.
Regards
Amar
Solved! Go to Solution.
06-16-2010 05:20 AM
See the syntax per documentation :
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/s8.html#wp1512466
####
This access list should include only permit ACEs. You can optionally specify the real and destination ports in the access list using the eq operator.
###
The protocol you used is not allowed to be used for access-list on Static . You can use tcp or udp, or topgether with specific port.
Regards,
06-16-2010 05:20 AM
See the syntax per documentation :
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/s8.html#wp1512466
####
This access list should include only permit ACEs. You can optionally specify the real and destination ports in the access list using the eq operator.
###
The protocol you used is not allowed to be used for access-list on Static . You can use tcp or udp, or topgether with specific port.
Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide