05-28-2015 03:48 AM - edited 03-11-2019 11:00 PM
Hi All,
I am trying to configure an acl in ASA 8.6(1)2.. but getting below error marked in bold.. just trying to understand what is wrong in my service object group.!!
object-group service TCP_ports
service-object tcp destination eq 1433
service-object tcp destination eq 8733
Below is the acl i am trying to implement..
access-list outside_access_in extended permit tcp object-group Destinations_Enc_Domain object-group Source_Enc_Domain object-group TCP_ports
ERROR: specified object group <TCP_ports> has wrong type; expecting service type\
Thanks,
Amar
Solved! Go to Solution.
05-28-2015 06:31 AM
Hi,
Once , you have defined the Protocol type on the object group , you don't have to define that again in the ACE.
Use this instead:-
access-list outside_access_in extended permit object-group TCP_ports object-group Destinations_Enc_Domain object-group Source_Enc_Domain
Thanks and Regards,
Vibhor Amrodia
05-28-2015 06:31 AM
Hi,
Once , you have defined the Protocol type on the object group , you don't have to define that again in the ACE.
Use this instead:-
access-list outside_access_in extended permit object-group TCP_ports object-group Destinations_Enc_Domain object-group Source_Enc_Domain
Thanks and Regards,
Vibhor Amrodia
05-28-2015 08:20 AM
Thanks Vibhor,it worked... cheers :-)
Amar
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide