10-14-2007 06:51 AM - edited 03-11-2019 04:25 AM
I has tried migrating the PIX os from 6.2(3) to 7.2(3). After the upgrade relevant configurations has changed to the new command syntax.
But i got an error with the NAT acl "access-list has protocol or port" and iam unable to go thro' the entire statments due to its length.
10-14-2007 11:17 AM
Not sure what your question is but it doesn't seem to like that you have an extended acl in your nat statement. For example...
access-list nonat permit tcp host x.x.x.x host y.y.y.y www
nat (inside) 0 access-list nonat
10-15-2007 10:15 AM
you are right. While in 6.2(3) i have ACL's for port based restrictions.
After migrating to 7.2(3), this NAT statement was missing in the config- nat (inside) 0 access-list nonat
When i tried adding it iam gettting this error "access-list has protocol or port" . I hv no other go than roll back the OS upgrade.
10-15-2007 10:43 AM
I don't think you can do it in anything 6.3 and above. What is your purpose for using it this way exactly, I know you said "port based restrictions". Could you be more specific?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: