It was enabled on the outside interface incorrectly as part of the 1B troubleshooting lab.
I was thinking this was strange especially considering I did the 1A lab last saturday with no issues. Strange how they have this as a resolved caveat in the release notes for 8.0(4) code though. Cheers Stu On Thu, May 14, 2009 at 8:09 PM, Tyson Scott <[email protected]> wrote: > Sorry if you do have it enabled it should be disabled. > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S and Security > > Technical Instructor - IPexpert, Inc. > > > Telephone: +1.810.326.1444 > Cell: +1.248.504.7309 > Fax: +1.810.454.0130 > Mailto: [email protected] > > > > Join our free online support and peer group communities: > http://www.IPexpert.com/communities <http://www.ipexpert.com/communities> > > > > IPexpert - The Global Leader in Self-Study, Classroom-Based, Video On > Demand and Audio Certification Training Tools for the Cisco CCIE R&S Lab, > CCIE Security Lab, CCIE Service Provider Lab , CCIE Voice Lab and CCIE > Storage Lab Certifications. > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Stuart Hare > *Sent:* Thursday, May 14, 2009 1:34 PM > *Cc:* Cisco certification; OSL Security > *Subject:* Re: [OSL | CCIE_Security] LAB1B - ASA Static PAT Error > > > > Great! apparently this is on the resolved caveat list for ASA 8.0(4). > > > > Evidently this is not the case =) > > > > > http://www.cisco.com/en/US/docs/security/asa/asa80/release/notes/arn804n.html > > > On Thu, May 14, 2009 at 6:01 PM, Dave Craddock <[email protected]> wrote: > > do you have ssh on the outside as you are using the interface and this is > the asa's ssh address ? > > > > ________________________________ > > From: [email protected] on behalf of Stuart Hare > Sent: Thu 14/05/2009 18:07 > To: OSL Security; Cisco certification > Subject: [OSL | CCIE_Security] LAB1B - ASA Static PAT Error > > > > Has anyone come across the following error when using static PAT. > > asa(config)# static (DMZ7,outside) tcp interface ssh 10.7.7.7 ssh netmask > 255.255.255.255 > ERROR: unable to reserve port 22 for static PAT > ERROR: unable to download policy > > Other static PAT statements are in and working correctly. > static (DMZ8,outside) tcp 192.1.24.8 www 10.8.8.8 www netmask > 255.255.255.255 > static (DMZ8,outside) tcp 192.1.24.8 telnet 10.8.8.8 telnet netmask > 255.255.255.255 > static (DMZ8,outside) tcp 192.1.24.8 8080 8.8.8.8 www netmask > 255.255.255.255 > static (DMZ7,outside) tcp interface https 10.7.7.7 https netmask > 255.255.255.255 > > Not came across this before, any ideas? > > Stu > > -- > Stuart Hare > > [email protected] > > > > > > -- > Stuart Hare > > [email protected] > > -- Stuart Hare [email protected]
