Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ERROR: access-list has icmp type selector

Hi all

im trying to apply access list to crypto map . and when i apply it its giving me the error

ERROR: access-list has icmp type selector

any idea please . thanks all

1 ACCEPTED SOLUTION

Accepted Solutions

ERROR: access-list has icmp type selector

The crypto-acl should be of permit IP type. You shouldn't specify protocols, like ICMP, tcp, etc.

So your proxy-acl should looks smth like this:

access-list PROXY_ACL permit IP x.x.x.x 255.255.255.9 y.y.y.y 255.255.255.0

but not this:

access-list PROXY_ACL permit icmp host x.x.x.x host y.y.y.y eq echo

4 REPLIES

ERROR: access-list has icmp type selector

Please elaborate the question. What device (router or ASA) are you talking about and what version? could you show us the exact commands you applied when you got the error ?

ERROR: access-list has icmp type selector

The crypto-acl should be of permit IP type. You shouldn't specify protocols, like ICMP, tcp, etc.

So your proxy-acl should looks smth like this:

access-list PROXY_ACL permit IP x.x.x.x 255.255.255.9 y.y.y.y 255.255.255.0

but not this:

access-list PROXY_ACL permit icmp host x.x.x.x host y.y.y.y eq echo

Community Member

ERROR: access-list has icmp type selector

thanks Andrew . this is great help . still have problem the phase 2 tunnel is dropping on some networks . i will start new discussion for it . thanks agine

Bronze

Re: ERROR: access-list has icmp type selector

Andrew is correct

Sent from Cisco Technical Support iPhone App

438
Views
5
Helpful
4
Replies
CreatePlease to create content