ERROR: access-list has protocol or port

May 8th, 2007

Hi there, I have an ASA 5510 version 7.0(4). I have a problem with the nat0: at some point in time my nat0 line on the inside interface simply disappears. When I try to add it again it gives me an error, ERROR: access-list has protocol or port. Now, according to me, we had IP-based access as well as protocol- and port-based access-list in the nat0, and this was working fine for the last 6 months without any issues. Now that we have removed protocol-based and only assigned IP-based, it works fine. I have gone through all the bugs for this version but didn't find any of this kind. The same ACL (protocol- and port-based) works fine in some PIX which we have. Can anyone point out what the problem is with this version of ASA?

Vikas Saxena (Cisco Employee) Sat, 05/12/2007 - 22:18

Access lists for policy NAT and for NAT 0 are different. Maybe this is the reason why you are saying that you were able to use ports in the ACL for NAT. Otherwise, NAT 0 will NEVER, in any version (either 6.x or 7.x), allow you to use ports in the NAT 0 ACL.

See the documentation for 7.0

See the documentation for 6.0

And it has been the same for the entire 6.x series till 6.3.5.
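
An offline check for the behaviour described in the answer above, added here as an example (not code from the thread or from Cisco): it scans saved configuration text for ACLs bound with `nat (<interface>) 0 access-list` and reports entries that name a protocol other than `ip` or carry a port operator. The sample configuration, the ACL names and the `find_nat0_violations` function are constructed for illustration.

```python
import re

# Constructed sample configuration (not from the thread); ACL names and
# addresses are made up for illustration.
SAMPLE_CONFIG = """\
access-list NONAT remark exempt site-to-site traffic
access-list NONAT extended permit ip 10.1.0.0 255.255.0.0 10.2.0.0 255.255.0.0
access-list NONAT extended permit tcp 10.1.0.0 255.255.0.0 host 10.2.0.5 eq 443
access-list POLICY extended permit tcp 10.1.0.0 255.255.0.0 host 10.3.0.5 eq 25
nat (inside) 0 access-list NONAT
nat (inside) 5 access-list POLICY
"""

NAT0_RE = re.compile(r"^nat \((\S+)\) 0 access-list (\S+)")
ACE_RE = re.compile(r"^access-list (\S+) (?:extended )?(?:permit|deny) (\S+)(.*)$")
PORT_OPERATORS = {"eq", "lt", "gt", "neq", "range"}


def find_nat0_violations(config):
    """Return (interface, acl_name, ace) for each NAT 0 ACL entry that names
    a protocol other than 'ip' or carries a port operator."""
    lines = [line.strip() for line in config.splitlines()]
    # ACLs bound to NAT ID 0 only; policy NAT (non-zero IDs) is not checked.
    nat0 = [m.groups() for m in map(NAT0_RE.match, lines) if m]
    violations = []
    for interface, acl_name in nat0:
        for line in lines:
            m = ACE_RE.match(line)
            if not m or m.group(1) != acl_name:
                continue  # other ACLs and remark lines are skipped
            protocol, rest = m.group(2), m.group(3).split()
            # Assumption: anything but 'ip' is rejected, per the error text.
            # object-group protocols are not expanded and are flagged too.
            if protocol != "ip" or PORT_OPERATORS & set(rest):
                violations.append((interface, acl_name, line))
    return violations


if __name__ == "__main__":
    for interface, acl_name, ace in find_nat0_violations(SAMPLE_CONFIG):
        print(f"nat ({interface}) 0 uses {acl_name}: {ace}")
```

Run against a saved copy of the running configuration before an upgrade or migration, it lists the entries that would have to move to policy NAT or be rewritten as `ip` entries.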
