ghost access-list line

Unanswered Question
Jul 7th, 2009
User Badges:

Hi there, i've got a situation - i have an acl "xxx" with only 4 "permit" line's.

When i try to apply this acl to the static address translation with command (static (SAP,outside) access-list xxx) i get an error message (ERROR: access-list contains deny), when i view this acl - i can't see any deny line.

Anyway when i create new acl with these 4 lines and try to make a static translation i get another error message (ERROR: access-list source addresses are not identical).

i don't know where to get the truth :"(

ps. hw - pix515, sw - Cisco PIX Firewall Version 6.3(3)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
srue Tue, 07/07/2009 - 05:23
User Badges:
  • Blue, 1500 points or more

please post your ACL and the nat statement you're trying to apply it to.


This Discussion