03-25-2008 06:58 PM - edited 03-11-2019 05:22 AM
I have a pix515e ver 6.3
I defined a object-group
eg. pix1(config)#obect-group network mxly
network-object 200.65.23.0 0.0.0.0
network-object """"" " "
network-object 202.65.30.0 0.0.0.0
pix(config)#access-list outside_acl permit tcp mxly 67.90.0.34 eq 25
the error is invalid ip address mxly.
How can I use or what is the correct context to use the object-group in my access-list as the source.
Thanks
Solved! Go to Solution.
03-26-2008 12:29 AM
Hi
In addition to previous post you need to modify your acl ie.
access-list outside_acl permit tcp mxly 67.90.0.34 eq 25
should be
access-list outside_acl permit tcp object-group mxly host 67.90.0.34 eq 25
HTH
Jon
03-25-2008 07:03 PM
For the network-object command, use a network mask. For example:
network-object 200.65.23.0 255.255.255.0
It looks as if you are trying to use a wildcard mask.
Other than that, it looks fine.
03-26-2008 12:29 AM
Hi
In addition to previous post you need to modify your acl ie.
access-list outside_acl permit tcp mxly 67.90.0.34 eq 25
should be
access-list outside_acl permit tcp object-group mxly host 67.90.0.34 eq 25
HTH
Jon
03-26-2008 06:39 AM
Good call....I should have caught that as I use object groups all of the time.
tdalago911, did this fix your problem?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: