hey guys, anybody know about any issues with policy and access-list object-group?
I tried to make this config and pix returned an error:
the config was this:
object-group network 202_1_15_15
network-object 10.0.0.0 255.255.248.0
network-object 10.1.102.0 255.255.255.0
network-object 10.2.0.0 255.255.192.0
network-object 10.2.64.0 255.255.192.0
network-object 10.2.192.0 255.255.192.0
network-object 10.3.47.0 255.255.255.0
network-object 10.3.247.0 255.255.255.0
network-object 10.3.251.0 255.255.255.0
network-object 10.5.0.0 255.255.240.0
network-object 10.5.16.0 255.255.252.0
access-list nat_outside1 permit ip object-group 202_1_15_15 any
nat (inside) 1515 acccess-list nat_outside1
global (outside) 1515 202.1.1.15
When i applied the nat command this error was displayed:
ERROR: Invalid ip address <access-list>
The Pix version is 6.3.3
I tried this over ASA, and the config was permit without problem.
Let me know any input.
regards.
Gerard