Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

correct access-list syntax?

I am trying to allow ncp and slp from various subnets through the Pix 515-ur. I keep getting syntax errors. Can anyone give me the correct syntax to let the following through.

subnet 149.168.0.0 mask 255.255.0.0

protocol ncp

to any system inside firewall

Thanks,

brian

2 REPLIES
New Member

Re: correct access-list syntax?

You'll need to enter the protocol and port number, the PIX only knows well known ports by name.

New Member

Re: correct access-list syntax?

Brian,

I believe your command should look something like this:

access-list 101 permit tcp 149.168.0.0 255.255.0.0 any eq 524

access-list 101 permit udp 149.168.0.0 255.255.0.0 any eq 524

You will need to copy these two lines replacing the port number for ncp with the port number for slp and then add the interfaces to the access group in interface configuration mode. Hope I have helped and not hindered.

112
Views
0
Helpful
2
Replies
CreatePlease to create content