Hi Adil, your access-list in incorrect, try: access-list R1l0-R4l0 extended permit tcp host 10.1.1.1 eq telnet host 10.4.4.4
Regards, Meytal ________________________________ מאת: [email protected] בשם Adil Pasha נשלח: ש 14/05/2011 17:20 אל: CCIE Security Maillist נושא: Re: [OSL | CCIE_Security] [SOLVED] ASA NAC - no response from CTAEAPoUDP Could you please let me know what is the reason that I am getting the mismatch error message? I spend enough time on Google and read ASA Config Guide but could not get the answer. Thanks in advance. When I configure the ASA policy based NAT without any port and use 'permit ip' in the ACL the static command works. ASA1/c1(config)# access-list R1l0-R4l0 per ip ho 10.1.1.1 ho 10.4.4.4 ASA1/c1(config)# static (inside,outside) 192.168.6.61 access-list R1l0-R4l0 When I use 'permit tcp' and add the port 'telnet' to it I get the error message. access-list R1l0-R4l0 extended permit tcp host 10.1.1.1 host 10.4.4.4 eq telnet ASA1/c1(config)# static (inside,outside) 192.168.6.61 access-list R1l0-R4l0 ERROR: Protocol mismatch between the static and access-list ASA1/c1(config)# Best Regards. ______________________ Adil
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
