01-03-2023 01:00 PM
Hello.
Please see screenshot. I am unable to configure an ACL because of the below strange CLI error. Maybe it has to do with the long input on one line. May you please assist?
Thank you.
01-03-2023 01:03 PM
@jmaxwellUSAF It's probably something wrong with the syntax. Can you provide the full syntax?
01-03-2023 01:08 PM
Are you adding a service (L4 port) to the ACL extended IP?
I don't think this works.
You need to use ACL extended tcp/udp, and then you can use a service object group.
01-03-2023 01:36 PM - edited 01-03-2023 01:37 PM
Here is the full (obfuscated) code:
#object network MY_VPN_Pool
#subnet 172.16.1.0 255.255.255.0
#object-group network VENDOR_IP_GROUP1
#network-object host 1.2.3.4
#access-list Split_Tunnel_ACL extended line 50 permit ip object-group VENDOR_IP_GROUP1 object MY_VPN_Pool
01-03-2023 01:46 PM
I will lab this and check.
01-03-2023 01:57 PM
I solved the symptom, though I don't know why this solved it-- I removed "line 5500" so it now reads...
#access-list Split_Tunnel_ACL extended permit ip object-group object VENDOR_IP_GROUP1 object VPN-Pool