fir3net
PPS-Firenetbanner-780.5x190-30-03-17
  • Home
  • Articles
  • Firewalls
  • Cisco
  • Cisco ASA - ERROR: Capture doesn't support access-list containing mixed policies

Cisco ASA - ERROR: Capture doesn't support access-list containing mixed policies

Issue

When trying to run a capture you experience the following error,

asa-skyn3t(config)# access-list cap-acl permit ip any any
asa-skyn3t(config)# capture inside interface inside access-list cap-acl
ERROR: Capture doesn't support access-list <cap> containing mixed policies

Solution

Within ASA 9.0 the 'any' keyword now represents all IPv4 and IPv6 traffic. And the new keywords 'any4' and 'any6' have been introduced to represent either IPv4 or IPv6 traffic.

To resolve the issue perviously seen use the 'any4' or any6' keywords within your ACL,

asa-skyn3t(config)# access-list cap-acl permit ip any4 any4
asa-skyn3t(config)# capture inside interface inside access-list cap-acl

 

Tags: ASA, Cisco, IPv6

About the Author

RDonato

R Donato

Rick Donato is the Founder and Chief Editor of Fir3net.com. He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001