Thanks so much to all of you.
Best Regards. ______________________ Adil On May 15, 2011, at 12:16 AM, Kingsley Charles wrote: > You are trying static PAT, so the access-list needs a corresponding source > port. But originally, your access-list had destination port. > > > With regards > Kings > > On Sun, May 15, 2011 at 12:35 AM, Adil Pasha <[email protected]> wrote: > Thanks Meytal, > > Could you please let me know the reason? > > > Best Regards. > ______________________ > Adil > > On May 14, 2011, at 2:42 PM, Meytal Mizrahi wrote: > >> Hi Adil, >> >> your access-list in incorrect, try: >> access-list R1l0-R4l0 extended permit tcp host 10.1.1.1 eq telnet host >> 10.4.4.4 >> Regards, >> Meytal >> >> מאת: [email protected] בשם Adil Pasha >> נשלח: ש 14/05/2011 17:20 >> אל: CCIE Security Maillist >> נושא: Re: [OSL | CCIE_Security] [SOLVED] ASA NAC - no response from >> CTAEAPoUDP >> >> Could you please let me know what is the reason that I am getting the >> mismatch error message? >> >> I spend enough time on Google and read ASA Config Guide but could not get >> the answer. >> >> Thanks in advance. >> >> When I configure the ASA policy based NAT without any port and use 'permit >> ip' in the ACL the static command works. >> >> ASA1/c1(config)# access-list R1l0-R4l0 per ip ho 10.1.1.1 ho 10.4.4.4 >> ASA1/c1(config)# static (inside,outside) 192.168.6.61 access-list R1l0-R4l0 >> >> When I use 'permit tcp' and add the port 'telnet' to it I get the error >> message. >> >> access-list R1l0-R4l0 extended permit tcp host 10.1.1.1 host 10.4.4.4 eq >> telnet >> ASA1/c1(config)# static (inside,outside) 192.168.6.61 access-list R1l0-R4l0 >> ERROR: Protocol mismatch between the static and access-list >> ASA1/c1(config)# >> >> >> Best Regards. >> ______________________ >> Adil >> > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
