Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

GRE with Static NAT on ASA 5540 running 8.2

Hi,

I am trying to run below command

access-list test extended permit gre host 192.x.x.x any

static (inside,outside) 59.x.x.x access-list test

after putting static command i get error saying

protocol mismatch between the static and access-list

need help to find if gre protocol is supported using static nat or not as when calling access-list with any port under tcp or udp protocol it works.

Regards

Amar

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: GRE with Static NAT on ASA 5540 running 8.2

See the syntax per documentation :

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/s8.html#wp1512466

####

This access list should include only permit ACEs. You can optionally specify the real and  destination ports in the access list using the eq operator.

###

The protocol you used is not allowed to be used for access-list on Static . You can use tcp or udp,  or topgether  with specific port.

Regards,

1 REPLY
Cisco Employee

Re: GRE with Static NAT on ASA 5540 running 8.2

See the syntax per documentation :

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/s8.html#wp1512466

####

This access list should include only permit ACEs. You can optionally specify the real and  destination ports in the access list using the eq operator.

###

The protocol you used is not allowed to be used for access-list on Static . You can use tcp or udp,  or topgether  with specific port.

Regards,

656
Views
0
Helpful
1
Replies
CreatePlease to create content