Thanks Meytal, Could you please let me know the reason?
Best Regards. ______________________ Adil On May 14, 2011, at 2:42 PM, Meytal Mizrahi wrote: > Hi Adil, > > your access-list in incorrect, try: > access-list R1l0-R4l0 extended permit tcp host 10.1.1.1 eq telnet host > 10.4.4.4 > Regards, > Meytal > > מאת: [email protected] בשם Adil Pasha > נשלח: ש 14/05/2011 17:20 > אל: CCIE Security Maillist > נושא: Re: [OSL | CCIE_Security] [SOLVED] ASA NAC - no response from CTAEAPoUDP > > Could you please let me know what is the reason that I am getting the > mismatch error message? > > I spend enough time on Google and read ASA Config Guide but could not get the > answer. > > Thanks in advance. > > When I configure the ASA policy based NAT without any port and use 'permit > ip' in the ACL the static command works. > > ASA1/c1(config)# access-list R1l0-R4l0 per ip ho 10.1.1.1 ho 10.4.4.4 > ASA1/c1(config)# static (inside,outside) 192.168.6.61 access-list R1l0-R4l0 > > When I use 'permit tcp' and add the port 'telnet' to it I get the error > message. > > access-list R1l0-R4l0 extended permit tcp host 10.1.1.1 host 10.4.4.4 eq > telnet > ASA1/c1(config)# static (inside,outside) 192.168.6.61 access-list R1l0-R4l0 > ERROR: Protocol mismatch between the static and access-list > ASA1/c1(config)# > > > Best Regards. > ______________________ > Adil >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
