asked on

Cisco PIX 525 error

Hi Guys, i am trying to add a new line into my existing firewall list and i am getting this error

ERROR: missing command argument(s)

I had added a few lines in before and everything is smooth, but now when i try to add this line in again, i am encountering the error.

This is the line i am trying to add in:

access-list OUTSIDE line 38 permit tcp xxx.xxx.xxx.xxx 255.255.255.248 host BAM_Public object-group mgmt_svc

Anyone knows what went wrong?

renill

access-list 100 permit object-group protocols object-group
remotes object-group locals object-group services

try this
access-list 101 permit tcp xxx.xxx.xxx.xxx 255.255.255.248 host BAM_Public object-group mgmt_svc eq "network_service"

you have to specify the service associated .
network_service can be ftp , telnet ...etc..etc

renill

usanet21

ASKER

in my current access list, there are already some commands with the below without any error, so i do not think adding a eq will solve the prob. Furthermore, below are the ports for the object-group service mgmt_svc.

access-list OUTSIDE line 38 permit tcp xxx.xxx.xxx.xxx 255.255.255.248 host BAM_Public object-group mgmt_svc

object-group service mgmt_svc tcp
port-object eq ftp-data
port-object eq ftp
port-object eq telnet
port-object eq www
port-object eq sqlnet
port-object eq 4001
port-object eq 5001
port-object eq 5002
port-object eq 5003

ASKER CERTIFIED SOLUTION

Les Moore

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Les Moore

If that fixed your issue precisely, then why the C grade?

usanet21

ASKER

Thats not the precise fixed. But anyway, it is resolved. Thank you so much. I am not using the PDM by the way, i am typing the ACL one by one.

Les Moore

OK, thanks!