Solved: Hi,Once , you have defined

amardram123 · ‎05-28-2015

Hi All,

I am trying to configure an acl in ASA 8.6(1)2.. but getting below error marked in bold.. just trying to understand what is wrong in my service object group.!!

object-group service TCP_ports
service-object tcp destination eq 1433
service-object tcp destination eq 8733

Below is the acl i am trying to implement..

access-list outside_access_in extended permit tcp object-group Destinations_Enc_Domain object-group Source_Enc_Domain object-group TCP_ports

ERROR: specified object group <TCP_ports> has wrong type; expecting service type\

Thanks,

Amar

Vibhor Amrodia · ‎05-28-2015

Hi,

Once , you have defined the Protocol type on the object group , you don't have to define that again in the ACE.

Use this instead:-

access-list outside_access_in extended permit object-group TCP_ports object-group Destinations_Enc_Domain object-group Source_Enc_Domain

Thanks and Regards,

Vibhor Amrodia

View solution in original post

Vibhor Amrodia · ‎05-28-2015

Hi,