Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
637
Views
0
Helpful
2
Replies

correct access-list syntax?

williams-brian
Level 1
Level 1

‎11-02-2001 06:44 AM - edited ‎02-20-2020 09:16 PM

I am trying to allow ncp and slp from various subnets through the Pix 515-ur. I keep getting syntax errors. Can anyone give me the correct syntax to let the following through.

subnet 149.168.0.0 mask 255.255.0.0

protocol ncp

to any system inside firewall

Thanks,

brian

Labels:
0 Helpful
2 Replies 2

joels
Level 1
Level 1

‎11-02-2001 07:58 AM

You'll need to enter the protocol and port number, the PIX only knows well known ports by name.

0 Helpful

edmonds_robert
Level 1
Level 1

‎11-02-2001 11:45 AM

Brian,

I believe your command should look something like this:

access-list 101 permit tcp 149.168.0.0 255.255.0.0 any eq 524

access-list 101 permit udp 149.168.0.0 255.255.0.0 any eq 524

You will need to copy these two lines replacing the port number for ncp with the port number for slp and then add the interfaces to the access group in interface configuration mode. Hope I have helped and not hindered.

0 Helpful
Customers Also Viewed These Support Documents