In PIX 6.3 and older it would be fine, but not with version 7 and above.
No ports in PAT ACLs any longer. :-) So if you migrate your stuff from
6.3, you might have to review PAT ACLs.
A.
karim jamali wrote:
> Hi,
>
> I am not sure but I believe that the nat exemption access-list cannot have
> protocols or ports.
>
> I may be be wrong though.
>
> Best Regards,
>
> On Tue, Jan 5, 2010 at 8:31 AM, Sajjad Najafizadeh <najafizadeh_at_gmail.com>wrote:
>
>
>> Hi
>>
>> I get error : ERROR: access-list has protocol or port when trying to add
>> exepmtion nat in ASA.
>>
>> ASA(config)# nat (inside) 0 access-list zero_nat_acl
>> ERROR: access-list has protocol or port
>>
>> Any advice ?
>>
>> Regards
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Jan 05 2010 - 17:58:39 ART
This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 20:28:41 ART